CVE-2012-10023
FreeFloat FTP Server USER Command Buffer Overflow
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
A stack-based buffer overflow vulnerability exists in FreeFloat FTP Server version 1.0.0. The server fails to properly validate input passed to the USER command, allowing remote attackers to overwrite memory and potentially execute arbitrary code. The flaw is triggered by sending an overly long username string, which overflows the buffer allocated for user authentication.
| CWE | CWE-121 |
| Vendor | freefloat |
| Product | ftp server |
| Published | Aug 5, 2025 |
| Last Updated | Apr 7, 2026 |
Stay Ahead of the Next One
Get instant alerts for freefloat ftp server
Be the first to know when new unknown vulnerabilities affecting freefloat ftp server are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
FreeFloat / FTP Server
*
References
raw.githubusercontent.com: https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/ftp/freefloatftp_user.rb exploit-db.com: https://www.exploit-db.com/exploits/23243 my.saintcorporation.com: https://my.saintcorporation.com/cgi-bin/exploit_info/freefloat_ftp_server_user_cmd exploit-db.com: https://www.exploit-db.com/exploits/15689 web.archive.org: https://web.archive.org/web/20101208040029/http://secunia.com/advisories/42465/ web.archive.org: https://web.archive.org/web/20101213050627/http://www.freefloat.com/sv/about-/about-.php vulncheck.com: https://www.vulncheck.com/advisories/freefloat-ftp-server-user-command-buffer-overflow
Credits
D35m0nd142 0v3r