Xftp < 3.0 Build 242 LIST Response Buffer Overflow
High Nessus Plugin ID 47701
SynopsisThe remote host contains an application that is affected by a buffer overflow vulnerability.
DescriptionThe version of Xftp, an FTP client for Windows, installed on the remote host is older than 3.0 Build 242. Such versions are reportedly affected by a buffer overflow vulnerability.
By tricking a user into double-clicking on a file name included in the 'LIST' command response from a malicious FTP server, it may be possible for the attacker to trigger a denial of service condition or to execute arbitrary code on the affected host .
SolutionUpgrade to Xftp 3.0 Build 243 or later.