https://www.exploit-db.com/exploits/23118
https://www.securityfocus.com/bid/82714
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200309-020

FTPDesktopclient3.5及其可能早期的版本存在多个基于堆的缓冲区溢出漏洞。远程恶意服务器借助(1)超长FTPbanner，(2)USER命令的超长响应，或者(3)PASS命令的超长响应执行任意代码。

source: http://www.securityfocus.com/bid/8560/info

A buffer overflow vulnerability has been reported in FTP Desktop. The vulnerability occurs when FTP Desktop is parsing 331 server responses from remote FTP servers. When FTP Desktop receives an FTP 331 response exceeding a certain length, it will trigger the overflow condition. This could allow for execution of malicious code in the context of the affected FTP client.

Username:
---------
(FTP Desktop Sends 'USER username')
PADDING EBP EIP
331 [229xA][4xB][4xX]
(Access violation when executing 0x58585858) // 4xX

Password:
---------
(FTP Desktop Sends 'PASS password')
PADDING EBP EIP
331 [229xA][4xB][4xX]
(Access violation when executing 0x58585858) // 4xX

FTP Desktop FTP Desktop 3.5

来源:BUGTRAQ
名称:20030908MultipleHeapOverflowsinFTPDesktop
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=106305502230604&w;=2