Rumba FTP Client FTPSFtp.dll v4.2.0.0 OpenSession() Buffer Overflow by sinn3r

|------------------------------------------------------------------|
|   Rumba FTP Client FTPSFtp.dll v4.2.0.0 OpenSession() Overflow   |
|                                                                  |
| by sinn3r - Corelan & Exploit-DB             twitter.com/_sinn3r |
|------------------------------------------------------------------|

This bug was found when I was verifying another bug for Exploit-DB. Please note that
the latest version of FTPSFtp.dll v4.2.3.0.0 is no longer vulnerable to this, and it
is (duh!) recommended to update your Rumba FTP to the latest version if possible.

[+] Vulnerable Component = FTPSFtp.dll
[+] Version              = 4.2.0.0
[+] Function:            = OpenSession ( ByVal __MIDL_0011 As String ) As Object
[+] progid               = FTPSFTPLib.SFtpApplication
[+] Tested on            = Windows XP SP3 ENG + IE 6
[+] Payload              = windows/exec cmd=calc.exe
[+] Special thanks       = rAWjAW and chap0 for testing