| VID |
16090 |
| Severity |
40 |
| Port |
21 |
| Protocol |
TCP |
| Class |
FTP |
| Detailed Description |
According to its banner, the WS_FTP server has multiple buffer overflows. Ipswitch WS_FTP Server is an FTP implementation for Microsoft Windows operating systems. WS_FTP Server version 5.03 dated 2004.10.14, and possibly earlier versions, contain multiple buffer overflow vulnerabilities caused by improper bounds checking in the server. By sending malicious data as an argument to one of the affected FTP commands, such as SITE, XMKD, MKD, and RNFR, an authenticated, remote attacker could overflow a buffer and execute arbitrary machine code in the context of the affected server process.
* Note: This check relies solely on the banner of the remote FTP server to assess this vulnerability, so this finding might be a false positive.
* References:
  * http://www.securityfocus.com/archive/1/382624
  * http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1330.html
  * http://www.securiteam.com/exploits/6D00L2KBPG.html
  * http://www.securityfocus.com/data/vulnerabilities/exploits/WS_FTP_Overflow.pl
  * http://www.securityfocus.com/data/vulnerabilities/exploits/ws_ftpOverflowExploitByNoPh0BiA.c
* Platforms Affected: Ipswitch, Inc. WS_FTP Server 5.03 and earlier; Microsoft Windows, any version |
| Recommendation |
No upgrade or patch was available as of December 2004.
When an update that fixes this problem becomes available, apply the appropriate update for your system from the Ipswitch WS_FTP Server "Patches & Upgrades" site at http://www.ipswitch.com/support/WS_FTP-Server/patch-upgrades.html |
| Related URL |
CVE-2004-1135 (CVE) |
| Related URL |
11772 (SecurityFocus) |
| Related URL |
18296 (ISS) |
|