[原文]Buffer overflow in the Log-SCR function in the "Log to Screen" feature in WinFtp Server 1.6.8 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long request.
WinFTP Server is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted request, a remote attacker can potentially cause a denial of service or execute arbitrary code.
Currently, there are no known upgrades or patches to correct this vulnerability. It is possible to temporarily work around the flaw by implementing the following workaround: Disable Log-SCR.