VYPR
Unrated severity · NVD Advisory · Published Apr 29, 2020 · Updated Sep 16, 2024

AASync.com AASync Stack-based Buffer Overflow

CVE-2019-5619

Description

AASync.com AASync version 2.2.1.0 suffers from an instance of CWE-121: Stack-based Buffer Overflow.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A stack-based buffer overflow in AASync 2.2.1.0 allows remote code execution via a crafted LIST command response from a malicious FTP server.

Vulnerability

AASync version 2.2.1.0 contains a stack-based buffer overflow vulnerability (CWE-121) in the handling of responses to the LIST command [1]. The overflow occurs when the client processes an overly long reply from an FTP server, leading to corruption of a structured exception handler (SEH) record [1].
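The bug class described above, seen from the defensive side, as an added example (not AASync's code, which does not appear on this page): a C routine that splits an untrusted LIST reply into lines and refuses any line that would not fit its fixed stack buffer. The function names, the 512-byte cap and the sample listing are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#define LIST_LINE_MAX 512 /* assumed cap for one listing line, incl. NUL */
enum { LIST_OK = 0, LIST_NEED_MORE = 1, LIST_TOO_LONG = -1 }; /* hypothetical */

/* Copy the next LF/CRLF-terminated line of the untrusted reply into out.
 * The length is checked against out_cap before any byte is copied. */
int list_next_line(const char *in, size_t in_len,
                   char *out, size_t out_cap, size_t *consumed)
{
    const char *nl = memchr(in, '\n', in_len);
    if (nl == NULL) /* unterminated: too much pending data is rejected */
        return in_len >= out_cap ? LIST_TOO_LONG : LIST_NEED_MORE;
    size_t len = (size_t)(nl - in);
    *consumed = len + 1;
    if (len > 0 && in[len - 1] == '\r') len--;
    if (len >= out_cap) /* would not fit with its terminator: refuse */
        return LIST_TOO_LONG;
    memcpy(out, in, len);
    out[len] = '\0';
    return LIST_OK;
}

/* Count listing entries; -1 means an overlong line: drop the connection. */
int list_count_entries(const char *reply, size_t reply_len)
{
    char line[LIST_LINE_MAX]; /* fixed stack buffer, never overrun */
    size_t off = 0, used = 0;
    int n = 0;
    while (off < reply_len) {
        int rc = list_next_line(reply + off, reply_len - off,
                                line, sizeof line, &used);
        if (rc == LIST_TOO_LONG) return -1;
        if (rc == LIST_NEED_MORE) break; /* partial last line */
        off += used;
        if (line[0] != '\0') n++;
    }
    return n;
}

int main(void)
{
    /* constructed sample listing, not captured traffic */
    const char ok[] = "-rw-r--r-- 1 u g 10 Jan 01 00:00 a.txt\r\n"
                      "drwxr-xr-x 2 u g  0 Jan 01 00:00 pub\r\n";
    printf("%d\n", list_count_entries(ok, sizeof ok - 1));
    return 0;
}
```

A caller that sees -1 should treat the server as hostile or broken and close both the data and control connections rather than truncate and continue.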

Exploitation

An attacker can exploit this vulnerability by hosting a malicious FTP server that sends a specially crafted response to a LIST command [1]. The victim must connect to the attacker's server and issue a LIST command (e.g., via the AASync client). No authentication is required from the attacker; the overflow is triggered during the parsing of the server's reply [1].

Impact

Successful exploitation allows arbitrary code execution in the context of the user running AASync [1]. The attacker can gain full control over the affected system, including the ability to install programs, view/change/delete data, or create new accounts.

Mitigation

No official patch has been released for this vulnerability [1]. Users are advised to avoid using AASync version 2.2.1.0, especially when connecting to untrusted FTP servers. As a workaround, restrict outbound FTP connections to trusted servers only. If the software is no longer maintained, consider migrating to an alternative application.

References
  1. Rapid7

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 2

Patches: 0 (no patches discovered yet)
