| VID |
16072 |
| Severity |
40 |
| Port |
21 |
| Protocol |
TCP |
| Class |
FTP |
| Detailed Description |
The WS FTP server, according to its version number, has multiple vulnerabilities.
WS FTP Server, developed by Ipswitch, is an FTP server for Microsoft Windows platforms. WS FTP 4.0.2 and earlier versions are vulnerable to the following vulnerabilities:
- SITE command Privileges Elevation Vulnerability
- REST command Denial of Service Vulnerability
- ALLO handler Buffer Overflow Vulnerability
* Note: This check solely relied on the version number of the remote WS FTP server to assess this vulnerability, so this might be a false positive.
* Platforms Affected:
Ipswitch, Inc., WS_FTP Server 4.0.2 and earlier
Ipswitch, Inc., WS_FTP Pro 6.0, 7.5, 8.0.3, 8.0.2
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version of WS FTP (5.02 or later), available from the Ipswitch WS_FTP server's "Patches & Upgrades" site at http://www.ipswitch.com/support/WS_FTP-Server/patch-upgrades.html |
| Related URL |
CVE-2004-1848,CVE-2004-1883,CVE-2004-1884,CVE-2004-1885 (CVE) |
| Related URL |
9953 (SecurityFocus) |
| Related URL |
15558,15560,15561 (ISS) |
|
