Solar FTP Server 2.1.2

July 26th, 2011

Solar FTP Server 2.1.2 has been released. In this version there was fixed only critical bugs with application vulnerability. Fixed two issues:

- If you send a 2000 byte command with the “PASV” command, you can crash the application.
- A remote attacker can potentially disable the FTP service by sending “USER” command with incorrect data.

Actually it’s the same issue with formatting string and recording in log. In this version we have tried to fix, so that in future no such problems arise again.

In the next version we will add new features. We are happy to listen to your wishes regarding new application features!

Solar FTP Server 2.1.1

January 17th, 2011

We are happy to announce that a vulnerability in Solar FTP Server found by John Leitch is fixed in the version 2.1.1. The vulnerability can be exploited to corrupt memory by sending a FTP command with an overly long parameter.

We highly recommend you to update FTP server to the latest version.

Solar FTP Server 2.1

January 4th, 2011

We are happy to announce a new release of Solar FTP Server 2.1. This minor version has the following enhancements and bug-fixes:

  • Improved CPU performance.
  • Added web server for administrate user accounts via scripts (PHP, Perl, etc.).
  • Fixed critical problems with server stability.
  • Fixed bug with RETR command sent by Firefox browser.
  • Solved the UI bug when adding\editing directories.
  • Fixed enabling or disabling user account.

In light of the substantial enhancements and important bug fixes, we highly recommend to upgrade to Solar FTP Server 2.1.