COMMAND

	CuteFTP buffer overflow

SYSTEMS AFFECTED

	CuteFTP 5.0 XP

PROBLEM

	Lance Fitz-Herbert (aka phrizer) [fitzies@hotmail.com] found :
	
	When a  FTP  Server  is  responding  to  a  "LIST"  (directory  listing)
	command, the response is sent over a data connection. Sending 257  bytes
	over this connection will cause  a  buffer  to  overflow,  and  the  EIP
	register can be overwritten completely by sending 260 bytes of data.

SOLUTION

	Upgrade to new version which should be avalible from Monday  (20th  Jan,
	03).