CVE-2012-5002 – Ricoh DC Software DL-10 SR10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow

https://notcve.org/view.php?id=CVE-2012-5002

Stack-based buffer overflow in SR10 FTP server (SR10.exe) 1.1.0.6 in Ricoh DC Software DL-10 4.5.0.1, when the Log file name option is enabled, allows remote attackers to execute arbitrary code via a long USER FTP command. Desbordamiento de búfer basado en pila en el servidor SR10 FTP (SR10.exe) v1.1.0.6 en Ricoh DC Software DL-10 v4.5.0.1, cuando está activada la opción de nombre de fichero Log, permite a atacantes remotos ejecutar código a través de un comando USER FTP. • https://www.exploit-db.com/exploits/18643 https://www.exploit-db.com/exploits/18658 http://secunia.com/advisories/47912 http://security.inshell.net/advisory/5 http://www.osvdb.org/79691 http://www.securityfocus.com/bid/52235 https://exchange.xforce.ibmcloud.com/vulnerabilities/73591 http://web.archive.org/web/20120514112629/http://secunia.com/advisories/47912 http://www.inshell.net/2012/03/ricoh-dc-software-dl-10-ftp-server-sr10-exe-remote-buffer-overflow-vulnerability • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •