Protek Research Lab's has discovered a vulnerability in multiple Attachmate Reflection products, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused by a boundary error in the Reflection FTP client (rftpcom.dll) when processing filenames within a directory listing. This can be exploited to cause a stack-based buffer overflow via a specially crafted response to an FTP LIST command.
Successful exploitation allows execution of arbitrary code, but requires tricking a user into connecting to a malicious server.
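The bug class above is a filename taken from an untrusted LIST response and copied into a fixed-size stack buffer without a length check. The following C program is an added example, not code from Attachmate, Protek Research Lab's, or the original advisory; it assumes a Unix-style LIST line format and a hypothetical 256-byte destination buffer (MAX_NAME), and shows the defensive pattern a client should use: parse the filename field, check its length against the destination before copying, and treat an over-long or malformed line as a reason to reject the entry rather than trust the server.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Assumed fixed-size destination for a filename, as a typical client might use. */
#define MAX_NAME 256

/* Parser return codes. */
enum { LIST_OK = 0, LIST_TOO_LONG = -1, LIST_MALFORMED = -2 };

/* Extract the filename (everything after the eighth field) from a Unix-style
 * LIST line such as "-rw-r--r-- 1 owner group 1234 Jan 01 12:00 name" into dst.
 * The name length is attacker-controlled, so it is checked against dstlen
 * before any copy takes place; names that would not fit are refused. */
int parse_list_line(const char *line, char *dst, size_t dstlen)
{
    const char *p = line;
    int field = 0;

    /* Skip mode, link count, owner, group, size, month, day and time. */
    while (field < 8) {
        while (*p == ' ' || *p == '\t') p++;
        if (*p == '\0' || *p == '\r' || *p == '\n') return LIST_MALFORMED;
        while (*p && *p != ' ' && *p != '\t' && *p != '\r' && *p != '\n') p++;
        field++;
    }
    while (*p == ' ' || *p == '\t') p++;
    if (*p == '\0' || *p == '\r' || *p == '\n') return LIST_MALFORMED;

    /* The filename runs to the end of the line and may contain spaces. */
    size_t n = strcspn(p, "\r\n");
    if (n >= dstlen) return LIST_TOO_LONG;   /* bound enforced before the copy */
    memcpy(dst, p, n);
    dst[n] = '\0';
    return LIST_OK;
}

/* Walk a CRLF-separated listing. Returns the number of accepted entries and
 * stores the number of rejected (too-long or malformed) lines in *rejected.
 * A non-zero rejected count is a signal that the server is misbehaving. */
int process_listing(const char *listing, int *rejected)
{
    char name[MAX_NAME];
    int accepted = 0;
    const char *line = listing;

    *rejected = 0;
    while (*line) {
        int rc = parse_list_line(line, name, sizeof name);
        if (rc == LIST_OK) accepted++; else (*rejected)++;
        const char *nl = strchr(line, '\n');
        if (!nl) break;
        line = nl + 1;
    }
    return accepted;
}

/* Constructed sample listing (not captured traffic): two benign entries and
 * one entry whose 300-byte name exceeds MAX_NAME. buflen must be >= 1024. */
void build_sample_listing(char *buf, size_t buflen)
{
    const char *head =
        "-rw-r--r-- 1 user group 1234 Jan 01 12:00 report.txt\r\n"
        "drwxr-xr-x 2 user group 4096 Jan 02 09:30 src\r\n"
        "-rw-r--r-- 1 user group   10 Jan 03 08:00 ";
    size_t hl = strlen(head);

    memset(buf, 0, buflen);
    memcpy(buf, head, hl);
    memset(buf + hl, 'A', 300);          /* over-long name */
    memcpy(buf + hl + 300, "\r\n", 3);   /* terminator plus trailing NUL */
}

int main(void)
{
    char buf[1024];
    int rejected = 0;

    build_sample_listing(buf, sizeof buf);
    int accepted = process_listing(buf, &rejected);
    printf("accepted=%d rejected=%d\n", accepted, rejected);
    return rejected ? 1 : 0;
}
```

The key property is that the copy into `name` can never exceed `sizeof name` regardless of what the server sends; a client written this way turns the crafted response into a logged rejection instead of a memory-safety fault.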
The vulnerability is confirmed in version 22.214.171.124 (Reflection FTP Client version 14.1.70). Other versions may also be affected.
Solution: Update to a fixed version (please see the vendor's advisories for details).
Provided and/or discovered by: Francis Provencher, Protek Research Lab's
Original Advisory: Protek Research Lab's: