Vulnerabilites related to ipswitch - ws_ftp_server
cve-2003-0772
Vulnerability from cvelistv5
Published
2003-09-12 04:00
Modified
2024-08-08 02:05
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via long (1) APPE (append) or (2) STAT (status) arguments.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=106288825902868&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/8542 | vdb-entry, x_refsource_BID | |
| http://www.kb.cert.org/vuls/id/219140 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.kb.cert.org/vuls/id/792284 | third-party-advisory, x_refsource_CERT-VN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/13119 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/9671 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:05:12.499Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030906 Remote and Local Vulnerabilities In WS_FTP Server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106288825902868\u0026w=2"
},
{
"name": "8542",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8542"
},
{
"name": "VU#219140",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/219140"
},
{
"name": "VU#792284",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/792284"
},
{
"name": "wsftp-ftp-command-bo(13119)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13119"
},
{
"name": "9671",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/9671"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-09-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via long (1) APPE (append) or (2) STAT (status) arguments."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030906 Remote and Local Vulnerabilities In WS_FTP Server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106288825902868\u0026w=2"
},
{
"name": "8542",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8542"
},
{
"name": "VU#219140",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/219140"
},
{
"name": "VU#792284",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/792284"
},
{
"name": "wsftp-ftp-command-bo(13119)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13119"
},
{
"name": "9671",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/9671"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0772",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via long (1) APPE (append) or (2) STAT (status) arguments."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030906 Remote and Local Vulnerabilities In WS_FTP Server",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=106288825902868\u0026w=2"
},
{
"name": "8542",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8542"
},
{
"name": "VU#219140",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/219140"
},
{
"name": "VU#792284",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/792284"
},
{
"name": "wsftp-ftp-command-bo(13119)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13119"
},
{
"name": "9671",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/9671"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0772",
"datePublished": "2003-09-12T04:00:00",
"dateReserved": "2003-09-09T00:00:00",
"dateUpdated": "2024-08-08T02:05:12.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-4847
Vulnerability from cvelistv5
Published
2006-09-19 01:00
Modified
2024-08-07 19:23
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/21932 | third-party-advisory, x_refsource_SECUNIA | |
| http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2006/3655 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/28983 | vdb-entry, x_refsource_XF | |
| http://www.osvdb.org/28939 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/20076 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:23:41.399Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21932",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21932"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp"
},
{
"name": "ADV-2006-3655",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3655"
},
{
"name": "wsftp-xcrc-xsha1-xmd5-bo(28983)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28983"
},
{
"name": "28939",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/28939"
},
{
"name": "20076",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20076"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21932",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21932"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp"
},
{
"name": "ADV-2006-3655",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3655"
},
{
"name": "wsftp-xcrc-xsha1-xmd5-bo(28983)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28983"
},
{
"name": "28939",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/28939"
},
{
"name": "20076",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20076"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4847",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21932",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21932"
},
{
"name": "http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp",
"refsource": "CONFIRM",
"url": "http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp"
},
{
"name": "ADV-2006-3655",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3655"
},
{
"name": "wsftp-xcrc-xsha1-xmd5-bo(28983)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28983"
},
{
"name": "28939",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28939"
},
{
"name": "20076",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20076"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4847",
"datePublished": "2006-09-19T01:00:00",
"dateReserved": "2006-09-18T00:00:00",
"dateUpdated": "2024-08-07T19:23:41.399Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-4974
Vulnerability from cvelistv5
Published
2006-09-25 01:00
Modified
2024-08-07 19:32
Severity ?
EPSS score ?
Summary
Buffer overflow in Ipswitch WS_FTP Limited Edition (LE) 5.08 allows remote FTP servers to execute arbitrary code via a long response to a PASV command.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.osvdb.org/29125 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/29074 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/20121 | vdb-entry, x_refsource_BID | |
| https://www.exploit-db.com/exploits/2401 | exploit, x_refsource_EXPLOIT-DB | |
| http://secunia.com/advisories/22032 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:32:22.818Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "29125",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/29125"
},
{
"name": "wsftp-pasv-bo(29074)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29074"
},
{
"name": "20121",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20121"
},
{
"name": "2401",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/2401"
},
{
"name": "22032",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22032"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Ipswitch WS_FTP Limited Edition (LE) 5.08 allows remote FTP servers to execute arbitrary code via a long response to a PASV command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-18T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "29125",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/29125"
},
{
"name": "wsftp-pasv-bo(29074)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29074"
},
{
"name": "20121",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20121"
},
{
"name": "2401",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/2401"
},
{
"name": "22032",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22032"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4974",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Ipswitch WS_FTP Limited Edition (LE) 5.08 allows remote FTP servers to execute arbitrary code via a long response to a PASV command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "29125",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29125"
},
{
"name": "wsftp-pasv-bo(29074)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29074"
},
{
"name": "20121",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20121"
},
{
"name": "2401",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2401"
},
{
"name": "22032",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22032"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4974",
"datePublished": "2006-09-25T01:00:00",
"dateReserved": "2006-09-24T00:00:00",
"dateUpdated": "2024-08-07T19:32:22.818Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-12145
Vulnerability from cvelistv5
Published
2019-06-11 20:57
Modified
2024-08-04 23:10
Severity ?
EPSS score ?
Summary
A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. An attacker can supply a string using special patterns via the SCP protocol to disclose path names on the host operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:10:30.579Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-05-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. An attacker can supply a string using special patterns via the SCP protocol to disclose path names on the host operating system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-11T20:57:16",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-12145",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. An attacker can supply a string using special patterns via the SCP protocol to disclose path names on the host operating system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm",
"refsource": "CONFIRM",
"url": "https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-12145",
"datePublished": "2019-06-11T20:57:16",
"dateReserved": "2019-05-16T00:00:00",
"dateUpdated": "2024-08-04T23:10:30.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-0666
Vulnerability from cvelistv5
Published
2007-02-02 21:00
Modified
2024-08-07 12:26
Severity ?
EPSS score ?
Summary
Ipswitch WS_FTP Server 5.04 allows FTP site administrators to execute arbitrary code on the system via a long input string to the (1) iFTPAddU or (2) iFTPAddH file, or to a (3) edition module.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/33646 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/archive/1/458932/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://osvdb.org/33647 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/32176 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/459023/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/archive/1/458774/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/archive/1/458942/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:26:54.271Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "33646",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33646"
},
{
"name": "20070202 Re: Ipswitch WS_FTP Server 5.04 multiple arbitrary code execution vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/458932/100/0/threaded"
},
{
"name": "33647",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33647"
},
{
"name": "wsftp-iftpaddu-privilege-escalation(32176)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32176"
},
{
"name": "20070202 Re: Re: Ipswitch WS_FTP Server 5.04 multiple arbitrary code execution vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/459023/100/0/threaded"
},
{
"name": "20070201 Ipswitch WS_FTP Server 5.04 multiple arbitrary code execution vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/458774/100/0/threaded"
},
{
"name": "20070202 Re[2]: Ipswitch WS_FTP Server 5.04 multiple arbitrary code execution vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/458942/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Ipswitch WS_FTP Server 5.04 allows FTP site administrators to execute arbitrary code on the system via a long input string to the (1) iFTPAddU or (2) iFTPAddH file, or to a (3) edition module."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "33646",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33646"
},
{
"name": "20070202 Re: Ipswitch WS_FTP Server 5.04 multiple arbitrary code execution vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/458932/100/0/threaded"
},
{
"name": "33647",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33647"
},
{
"name": "wsftp-iftpaddu-privilege-escalation(32176)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32176"
},
{
"name": "20070202 Re: Re: Ipswitch WS_FTP Server 5.04 multiple arbitrary code execution vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/459023/100/0/threaded"
},
{
"name": "20070201 Ipswitch WS_FTP Server 5.04 multiple arbitrary code execution vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/458774/100/0/threaded"
},
{
"name": "20070202 Re[2]: Ipswitch WS_FTP Server 5.04 multiple arbitrary code execution vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/458942/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0666",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Ipswitch WS_FTP Server 5.04 allows FTP site administrators to execute arbitrary code on the system via a long input string to the (1) iFTPAddU or (2) iFTPAddH file, or to a (3) edition module."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "33646",
"refsource": "OSVDB",
"url": "http://osvdb.org/33646"
},
{
"name": "20070202 Re: Ipswitch WS_FTP Server 5.04 multiple arbitrary code execution vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/458932/100/0/threaded"
},
{
"name": "33647",
"refsource": "OSVDB",
"url": "http://osvdb.org/33647"
},
{
"name": "wsftp-iftpaddu-privilege-escalation(32176)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32176"
},
{
"name": "20070202 Re: Re: Ipswitch WS_FTP Server 5.04 multiple arbitrary code execution vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/459023/100/0/threaded"
},
{
"name": "20070201 Ipswitch WS_FTP Server 5.04 multiple arbitrary code execution vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/458774/100/0/threaded"
},
{
"name": "20070202 Re[2]: Ipswitch WS_FTP Server 5.04 multiple arbitrary code execution vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/458942/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0666",
"datePublished": "2007-02-02T21:00:00",
"dateReserved": "2007-02-02T00:00:00",
"dateUpdated": "2024-08-07T12:26:54.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-5001
Vulnerability from cvelistv5
Published
2006-09-26 20:00
Modified
2024-08-07 19:32
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the log analyzer in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, prevents certain sensitive information from being displayed in the (1) Files and (2) Summary tabs. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:32:22.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the log analyzer in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, prevents certain sensitive information from being displayed in the (1) Files and (2) Summary tabs. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-03T16:21:28",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5001",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the log analyzer in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, prevents certain sensitive information from being displayed in the (1) Files and (2) Summary tabs. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp",
"refsource": "CONFIRM",
"url": "http://www.ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5001",
"datePublished": "2006-09-26T20:00:00",
"dateReserved": "2006-09-26T00:00:00",
"dateUpdated": "2024-08-07T19:32:22.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0362
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:34
Severity ?
EPSS score ?
Summary
WS_FTP server remote denial of service through cwd command.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.eeye.com/html/Research/Advisories/AD02021999.html | third-party-advisory, x_refsource_EEYE | |
| http://www.securityfocus.com/bid/217 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:34:52.069Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "AD02021999",
"tags": [
"third-party-advisory",
"x_refsource_EEYE",
"x_transferred"
],
"url": "http://www.eeye.com/html/Research/Advisories/AD02021999.html"
},
{
"name": "217",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/217"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "WS_FTP server remote denial of service through cwd command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "AD02021999",
"tags": [
"third-party-advisory",
"x_refsource_EEYE"
],
"url": "http://www.eeye.com/html/Research/Advisories/AD02021999.html"
},
{
"name": "217",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/217"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0362",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WS_FTP server remote denial of service through cwd command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "AD02021999",
"refsource": "EEYE",
"url": "http://www.eeye.com/html/Research/Advisories/AD02021999.html"
},
{
"name": "217",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/217"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0362",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:34:52.069Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1884
Vulnerability from cvelistv5
Published
2005-05-10 04:00
Modified
2024-08-08 01:07
Severity ?
EPSS score ?
Summary
Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which allows remote attackers to gain access.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=108006581418116&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/15558 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/11206 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/9953 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:07:48.833Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040323 Open the WS_FTP Server backdoor to SYSTEM",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108006581418116\u0026w=2"
},
{
"name": "wftp-site-gain-priviliege(15558)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15558"
},
{
"name": "11206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11206"
},
{
"name": "9953",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9953"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-03-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which allows remote attackers to gain access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040323 Open the WS_FTP Server backdoor to SYSTEM",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108006581418116\u0026w=2"
},
{
"name": "wftp-site-gain-priviliege(15558)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15558"
},
{
"name": "11206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11206"
},
{
"name": "9953",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9953"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1884",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which allows remote attackers to gain access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040323 Open the WS_FTP Server backdoor to SYSTEM",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108006581418116\u0026w=2"
},
{
"name": "wftp-site-gain-priviliege(15558)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15558"
},
{
"name": "11206",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11206"
},
{
"name": "9953",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9953"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1884",
"datePublished": "2005-05-10T04:00:00",
"dateReserved": "2005-05-04T00:00:00",
"dateUpdated": "2024-08-08T01:07:48.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1848
Vulnerability from cvelistv5
Published
2005-05-10 04:00
Modified
2024-08-08 01:07
Severity ?
EPSS score ?
Summary
Ipswitch WS_FTP Server 4.0.2 allows remote attackers to cause a denial of service (disk consumption) and bypass file size restrictions via a REST command with a large size argument, followed by a STOR of a smaller file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/11206 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/9953 | vdb-entry, x_refsource_BID | |
| http://marc.info/?l=bugtraq&m=108006717731989&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/41831 | vdb-entry, x_refsource_XF | |
| http://www.osvdb.org/4542 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/15560 | vdb-entry, x_refsource_XF | |
| http://securitytracker.com/id?1009529 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:07:48.800Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "11206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11206"
},
{
"name": "9953",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9953"
},
{
"name": "20040323 How to crash a harddisk - the Ipswitch WS_FTP Server way",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108006717731989\u0026w=2"
},
{
"name": "wsftp-rest-stor-dos(41831)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41831"
},
{
"name": "4542",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/4542"
},
{
"name": "wsftp-rest-dos(15560)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15560"
},
{
"name": "1009529",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1009529"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-03-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Ipswitch WS_FTP Server 4.0.2 allows remote attackers to cause a denial of service (disk consumption) and bypass file size restrictions via a REST command with a large size argument, followed by a STOR of a smaller file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "11206",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11206"
},
{
"name": "9953",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9953"
},
{
"name": "20040323 How to crash a harddisk - the Ipswitch WS_FTP Server way",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108006717731989\u0026w=2"
},
{
"name": "wsftp-rest-stor-dos(41831)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41831"
},
{
"name": "4542",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/4542"
},
{
"name": "wsftp-rest-dos(15560)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15560"
},
{
"name": "1009529",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1009529"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1848",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Ipswitch WS_FTP Server 4.0.2 allows remote attackers to cause a denial of service (disk consumption) and bypass file size restrictions via a REST command with a large size argument, followed by a STOR of a smaller file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "11206",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11206"
},
{
"name": "9953",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9953"
},
{
"name": "20040323 How to crash a harddisk - the Ipswitch WS_FTP Server way",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108006717731989\u0026w=2"
},
{
"name": "wsftp-rest-stor-dos(41831)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41831"
},
{
"name": "4542",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4542"
},
{
"name": "wsftp-rest-dos(15560)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15560"
},
{
"name": "1009529",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1009529"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1848",
"datePublished": "2005-05-10T04:00:00",
"dateReserved": "2005-05-04T00:00:00",
"dateUpdated": "2024-08-08T01:07:48.800Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-5000
Vulnerability from cvelistv5
Published
2006-09-26 20:00
Modified
2024-08-07 19:32
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, have unknown impact and remote authenticated attack vectors via the (1) XCRC, (2) XMD5, and (3) XSHA1 commands. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/41829 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/447077/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.zerodayinitiative.com/advisories/ZDI-06-029.html | x_refsource_MISC | |
| http://securitytracker.com/id?1016935 | vdb-entry, x_refsource_SECTRACK | |
| http://www.ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:32:22.840Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "wsftp-multiple-commands-bo(41829)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41829"
},
{
"name": "20060926 ZDI-06-029: Ipswitch WS_FTP Server Checksum Command Parsing Buffer Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/447077/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-029.html"
},
{
"name": "1016935",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016935"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, have unknown impact and remote authenticated attack vectors via the (1) XCRC, (2) XMD5, and (3) XSHA1 commands. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "wsftp-multiple-commands-bo(41829)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41829"
},
{
"name": "20060926 ZDI-06-029: Ipswitch WS_FTP Server Checksum Command Parsing Buffer Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/447077/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-029.html"
},
{
"name": "1016935",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016935"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5000",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, have unknown impact and remote authenticated attack vectors via the (1) XCRC, (2) XMD5, and (3) XSHA1 commands. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "wsftp-multiple-commands-bo(41829)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41829"
},
{
"name": "20060926 ZDI-06-029: Ipswitch WS_FTP Server Checksum Command Parsing Buffer Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/447077/100/0/threaded"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-06-029.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-029.html"
},
{
"name": "1016935",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016935"
},
{
"name": "http://www.ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp",
"refsource": "CONFIRM",
"url": "http://www.ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5000",
"datePublished": "2006-09-26T20:00:00",
"dateReserved": "2006-09-26T00:00:00",
"dateUpdated": "2024-08-07T19:32:22.840Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-12146
Vulnerability from cvelistv5
Published
2019-06-11 20:58
Modified
2024-08-04 23:10
Severity ?
EPSS score ?
Summary
A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. Attackers have the ability to abuse a flaw in the SCP listener by crafting strings using specific patterns to write files and create directories outside of their authorized directory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:10:30.614Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-05-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. Attackers have the ability to abuse a flaw in the SCP listener by crafting strings using specific patterns to write files and create directories outside of their authorized directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-11T20:58:26",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-12146",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. Attackers have the ability to abuse a flaw in the SCP listener by crafting strings using specific patterns to write files and create directories outside of their authorized directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm",
"refsource": "CONFIRM",
"url": "https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-12146",
"datePublished": "2019-06-11T20:58:26",
"dateReserved": "2019-05-16T00:00:00",
"dateUpdated": "2024-08-04T23:10:30.614Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1135
Vulnerability from cvelistv5
Published
2004-12-08 05:00
Modified
2024-08-08 00:39
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in WS_FTP Server 5.03 2004.10.14 allow remote attackers to cause a denial of service (service crash) via long (1) SITE, (2) XMKD, (3) MKD, and (4) RNFR commands.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18296 | vdb-entry, x_refsource_XF | |
| http://marc.info/?l=bugtraq&m=110177654524819&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029600.html | mailing-list, x_refsource_FULLDISC | |
| http://www.securiteam.com/exploits/6D00L2KBPG.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.876Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "wsftp-ftp-commands-bo(18296)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18296"
},
{
"name": "20041129 Multiple buffer overlows in WS_FTP Server Version 5.03, 2004.10.14.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110177654524819\u0026w=2"
},
{
"name": "20041129 Multiple buffer overlows in WS_FTP Server Version 5.03, 2004.10.14.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029600.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securiteam.com/exploits/6D00L2KBPG.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in WS_FTP Server 5.03 2004.10.14 allow remote attackers to cause a denial of service (service crash) via long (1) SITE, (2) XMKD, (3) MKD, and (4) RNFR commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "wsftp-ftp-commands-bo(18296)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18296"
},
{
"name": "20041129 Multiple buffer overlows in WS_FTP Server Version 5.03, 2004.10.14.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110177654524819\u0026w=2"
},
{
"name": "20041129 Multiple buffer overlows in WS_FTP Server Version 5.03, 2004.10.14.",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029600.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securiteam.com/exploits/6D00L2KBPG.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1135",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in WS_FTP Server 5.03 2004.10.14 allow remote attackers to cause a denial of service (service crash) via long (1) SITE, (2) XMKD, (3) MKD, and (4) RNFR commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "wsftp-ftp-commands-bo(18296)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18296"
},
{
"name": "20041129 Multiple buffer overlows in WS_FTP Server Version 5.03, 2004.10.14.",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110177654524819\u0026w=2"
},
{
"name": "20041129 Multiple buffer overlows in WS_FTP Server Version 5.03, 2004.10.14.",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029600.html"
},
{
"name": "http://www.securiteam.com/exploits/6D00L2KBPG.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/exploits/6D00L2KBPG.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1135",
"datePublished": "2004-12-08T05:00:00",
"dateReserved": "2004-12-05T00:00:00",
"dateUpdated": "2024-08-08T00:39:00.876Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-12144
Vulnerability from cvelistv5
Published
2019-06-11 20:55
Modified
2024-08-04 23:10
Severity ?
EPSS score ?
Summary
An issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. Attackers have the ability to abuse a path traversal vulnerability using the SCP protocol. Attackers who leverage this flaw could also obtain remote code execution by crafting a payload that abuses the SITE command feature.
References
| ▼ | URL | Tags |
|---|---|---|
| https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:10:30.779Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-05-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. Attackers have the ability to abuse a path traversal vulnerability using the SCP protocol. Attackers who leverage this flaw could also obtain remote code execution by crafting a payload that abuses the SITE command feature."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-11T20:55:50",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-12144",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. Attackers have the ability to abuse a path traversal vulnerability using the SCP protocol. Attackers who leverage this flaw could also obtain remote code execution by crafting a payload that abuses the SITE command feature."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm",
"refsource": "CONFIRM",
"url": "https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-12144",
"datePublished": "2019-06-11T20:55:50",
"dateReserved": "2019-05-16T00:00:00",
"dateUpdated": "2024-08-04T23:10:30.779Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2006-09-26 20:07
Modified
2024-11-21 00:17
Severity ?
Summary
Unspecified vulnerability in the log analyzer in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, prevents certain sensitive information from being displayed in the (1) Files and (2) Summary tabs. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ipswitch | ws_ftp_server | 5.02 | |
| ipswitch | ws_ftp_server | 5.03 | |
| progress | ws_ftp_server | * | |
| progress | ws_ftp_server | 5.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "4E0A22A5-FBBB-4B7D-A64D-8F021B60181F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:5.03:*:*:*:*:*:*:*",
"matchCriteriaId": "DA85C3EF-DAD2-4383-9E97-65B4D77A73E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50BFB437-2855-401A-AD99-D20A51F2DA82",
"versionEndIncluding": "5.05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED4F7DAA-DB7C-4CCC-9521-131FEFC776FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the log analyzer in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, prevents certain sensitive information from being displayed in the (1) Files and (2) Summary tabs. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el analizador de log en WS_FTP Server 5.05 anterior a Hotfix 1, y posiblemente versiones anteriores a la 5.0, previene que cierta informaci\u00f3n sensible sea mostrada en las pesta\u00f1as (1) Files y (2) Summary. NOTA: en la publicaci\u00f3n anterior de este identificador en 26/09/2006, la descripci\u00f3n fue usada para el asunto equivocado."
}
],
"id": "CVE-2006-5001",
"lastModified": "2024-11-21T00:17:27.440",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-09-26T20:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
Multiple buffer overflows in WS_FTP Server 5.03 2004.10.14 allow remote attackers to cause a denial of service (service crash) via long (1) SITE, (2) XMKD, (3) MKD, and (4) RNFR commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ipswitch | ws_ftp_server | 5.03 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:5.03:*:*:*:*:*:*:*",
"matchCriteriaId": "DA85C3EF-DAD2-4383-9E97-65B4D77A73E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in WS_FTP Server 5.03 2004.10.14 allow remote attackers to cause a denial of service (service crash) via long (1) SITE, (2) XMKD, (3) MKD, and (4) RNFR commands."
}
],
"id": "CVE-2004-1135",
"lastModified": "2024-11-20T23:50:11.297",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029600.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110177654524819\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.securiteam.com/exploits/6D00L2KBPG.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029600.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110177654524819\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securiteam.com/exploits/6D00L2KBPG.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18296"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-06-11 21:29
Modified
2024-11-21 04:22
Severity ?
Summary
A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. Attackers have the ability to abuse a flaw in the SCP listener by crafting strings using specific patterns to write files and create directories outside of their authorized directory.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm | Release Notes, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ipswitch | ws_ftp_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "325C4AAA-F931-4C7D-B20E-3701E8CB7D58",
"versionEndExcluding": "8.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. Attackers have the ability to abuse a flaw in the SCP listener by crafting strings using specific patterns to write files and create directories outside of their authorized directory."
},
{
"lang": "es",
"value": "Fue descubierto un problema de cruces de directorios en SSHServerAPI.dll en Progress ipswithc WS_FTP Server 2018 anterior 8.6.1. los atacantes tienen la habilidad para abusar de un defecto en el oyente SCP, mediante la creaci\u00f3n de cadenas utilizando patrones espec\u00edficos para escribir archivos y crear directorios fuera de su directorio autorizado"
}
],
"id": "CVE-2019-12146",
"lastModified": "2024-11-21T04:22:18.567",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-11T21:29:01.177",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:51
Severity ?
Summary
Ipswitch WS_FTP Server 4.0.2 allows remote attackers to cause a denial of service (disk consumption) and bypass file size restrictions via a REST command with a large size argument, followed by a STOR of a smaller file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ipswitch | ws_ftp_server | 3.0_1 | |
| ipswitch | ws_ftp_server | 4.01 | |
| progress | ws_ftp_server | 1.0.1 | |
| progress | ws_ftp_server | 1.0.2 | |
| progress | ws_ftp_server | 1.0.3 | |
| progress | ws_ftp_server | 1.0.4 | |
| progress | ws_ftp_server | 1.0.5 | |
| progress | ws_ftp_server | 2.0 | |
| progress | ws_ftp_server | 2.0.1 | |
| progress | ws_ftp_server | 2.0.2 | |
| progress | ws_ftp_server | 2.0.3 | |
| progress | ws_ftp_server | 2.0.4 | |
| progress | ws_ftp_server | 3.0 | |
| progress | ws_ftp_server | 3.1 | |
| progress | ws_ftp_server | 3.1.1 | |
| progress | ws_ftp_server | 3.1.2 | |
| progress | ws_ftp_server | 3.1.3 | |
| progress | ws_ftp_server | 3.4 | |
| progress | ws_ftp_server | 4.0 | |
| progress | ws_ftp_server | 4.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:3.0_1:*:*:*:*:*:*:*",
"matchCriteriaId": "9B30C60A-2716-4464-A9CD-2649DC763037",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:4.01:*:*:*:*:*:*:*",
"matchCriteriaId": "44A4DEB6-8E4B-4DAD-911C-DCC26D4C9DCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A886D80F-D72C-4BDF-A65F-27CA82348C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4A0D7240-62C8-4003-A840-98E818709D9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BA99A58B-F751-4C04-B41B-CBE94998AA42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "51D8225C-A74A-451E-9589-F1E00E4728D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3C3438AF-FCF1-4D77-83D5-27B9989F0683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "843B6647-BF92-46D1-ADEE-92088D9AD1C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A4B80A25-3860-4CF5-B8ED-5370EBB42455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F7B58011-9D3B-432C-93B1-47938F7E2D43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "50BE9ECB-4799-48BD-B3BE-7EE27FE3AA40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CEBC59D2-405D-4374-812A-A3AEE0D6D594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "755C3FB5-5D5B-4732-86F9-68A6612BC819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "968C0544-A2F5-4FA6-A4B8-89113EE95B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E33B458B-F945-4D1A-81B7-F07CCC183C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D662A9-5D1B-465E-A4B1-A4C86BA207C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FBA7690C-8ADA-462E-B671-4D4CB243A483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29B11EAC-796C-43E4-A150-F3FE3F19A058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A71B59A7-9467-4729-9A24-D5291C059E66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4C1D0E89-C64F-4027-BF44-8F7159A5AE21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Ipswitch WS_FTP Server 4.0.2 allows remote attackers to cause a denial of service (disk consumption) and bypass file size restrictions via a REST command with a large size argument, followed by a STOR of a smaller file."
}
],
"id": "CVE-2004-1848",
"lastModified": "2024-11-20T23:51:53.263",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108006717731989\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://secunia.com/advisories/11206"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securitytracker.com/id?1009529"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/4542"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/9953"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15560"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41831"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108006717731989\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://secunia.com/advisories/11206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securitytracker.com/id?1009529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/4542"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/9953"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15560"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41831"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-06-11 21:29
Modified
2024-11-21 04:22
Severity ?
Summary
An issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. Attackers have the ability to abuse a path traversal vulnerability using the SCP protocol. Attackers who leverage this flaw could also obtain remote code execution by crafting a payload that abuses the SITE command feature.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm | Release Notes, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ipswitch | ws_ftp_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "325C4AAA-F931-4C7D-B20E-3701E8CB7D58",
"versionEndExcluding": "8.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. Attackers have the ability to abuse a path traversal vulnerability using the SCP protocol. Attackers who leverage this flaw could also obtain remote code execution by crafting a payload that abuses the SITE command feature."
},
{
"lang": "es",
"value": "Un problema fue descubierto en SSHServerAPI.dll en Progress ipswitch WS_FTP Server 2018 anterior 8.6.1. los atacantes tienen la habilidad para abusar de una vulnerabilidad de un giro de ruta usando el protocolo SCP, los atacantes que puedan liberar este defecto, podr\u00edan adem\u00e1s, obtener una ejecuci\u00f3n de c\u00f3digo remoto haciendo una carga \u00fatil que abusa que abusa de la funci\u00f3n de comando SITE."
}
],
"id": "CVE-2019-12144",
"lastModified": "2024-11-21T04:22:18.287",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-11T21:29:01.100",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-09-26 20:07
Modified
2024-11-21 00:17
Severity ?
Summary
Multiple buffer overflows in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, have unknown impact and remote authenticated attack vectors via the (1) XCRC, (2) XMD5, and (3) XSHA1 commands. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ipswitch | ws_ftp_server | 5.02 | |
| ipswitch | ws_ftp_server | 5.03 | |
| ipswitch | ws_ftp_server | 5.05 | |
| progress | ws_ftp_server | 5.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "4E0A22A5-FBBB-4B7D-A64D-8F021B60181F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:5.03:*:*:*:*:*:*:*",
"matchCriteriaId": "DA85C3EF-DAD2-4383-9E97-65B4D77A73E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:5.05:*:*:*:*:*:*:*",
"matchCriteriaId": "C708EB23-580C-4925-BBD8-ED4C8A69A688",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED4F7DAA-DB7C-4CCC-9521-131FEFC776FD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, have unknown impact and remote authenticated attack vectors via the (1) XCRC, (2) XMD5, and (3) XSHA1 commands. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en WS_FTP Server 5.05 anterior a Hotfix 1, y posiblemente otras versiones anteriores a la 5.0, tienen impacto y vectores de ataque remotos autenticados desconocidos mediante los comandos (1) XCRC, (2) XMD5, y (3) XSHA1. NOTA: en la publicaci\u00f3n anterior de este identificador en 26/09/2006, la descripci\u00f3n fue usada por el asunto equivocado."
}
],
"id": "CVE-2006-5000",
"lastModified": "2024-11-21T00:17:27.190",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-09-26T20:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016935"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/447077/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-029.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41829"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016935"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/447077/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41829"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-09-25 01:07
Modified
2024-11-21 00:17
Severity ?
Summary
Buffer overflow in Ipswitch WS_FTP Limited Edition (LE) 5.08 allows remote FTP servers to execute arbitrary code via a long response to a PASV command.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ipswitch | ws_ftp_server | 5.08_limited_edition |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:5.08_limited_edition:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8C33D9-E18C-4520-BF34-4EF04F0825A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Ipswitch WS_FTP Limited Edition (LE) 5.08 allows remote FTP servers to execute arbitrary code via a long response to a PASV command."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en Ipswitch WS_FTP Limited Edition (LE) 5.08 permite a un a servidores FTP remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un repuesta grande a un comando PASV."
}
],
"id": "CVE-2006-4974",
"lastModified": "2024-11-21T00:17:21.157",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-09-25T01:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22032"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/29125"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/20121"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29074"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/2401"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/29125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/20121"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29074"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/2401"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-06-11 21:29
Modified
2024-11-21 04:22
Severity ?
Summary
A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. An attacker can supply a string using special patterns via the SCP protocol to disclose path names on the host operating system.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm | Release Notes, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ipswitch | ws_ftp_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "325C4AAA-F931-4C7D-B20E-3701E8CB7D58",
"versionEndExcluding": "8.6.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. An attacker can supply a string using special patterns via the SCP protocol to disclose path names on the host operating system."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema de cruce de directorios en SSHServerAPI.dll en progreso ipswitch WS_FTP Server 2018 anterior de 8.6.1. Un atacante puede suministrar una cadena utilizando patrones especiales a trav\u00e9s del protocolo SCP para revelar nombres de ruta en el sistema operativo host"
}
],
"id": "CVE-2019-12145",
"lastModified": "2024-11-21T04:22:18.427",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-11T21:29:01.130",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-03-23 05:00
Modified
2024-11-20 23:51
Severity ?
Summary
Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which allows remote attackers to gain access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ipswitch | ws_ftp_pro | 6.0 | |
| ipswitch | ws_ftp_pro | 7.5 | |
| ipswitch | ws_ftp_pro | 8.0_2 | |
| ipswitch | ws_ftp_pro | 8.0_3 | |
| ipswitch | ws_ftp_server | 3.0_1 | |
| ipswitch | ws_ftp_server | 4.01 | |
| progress | ws_ftp_server | 1.0.1 | |
| progress | ws_ftp_server | 1.0.2 | |
| progress | ws_ftp_server | 1.0.3 | |
| progress | ws_ftp_server | 1.0.4 | |
| progress | ws_ftp_server | 1.0.5 | |
| progress | ws_ftp_server | 2.0 | |
| progress | ws_ftp_server | 2.0.1 | |
| progress | ws_ftp_server | 2.0.2 | |
| progress | ws_ftp_server | 2.0.3 | |
| progress | ws_ftp_server | 2.0.4 | |
| progress | ws_ftp_server | 3.0 | |
| progress | ws_ftp_server | 3.1 | |
| progress | ws_ftp_server | 3.1.1 | |
| progress | ws_ftp_server | 3.1.2 | |
| progress | ws_ftp_server | 3.1.3 | |
| progress | ws_ftp_server | 3.4 | |
| progress | ws_ftp_server | 4.0 | |
| progress | ws_ftp_server | 4.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_pro:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "69C53D89-E5B6-4734-8CDC-D81C1975640B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_pro:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BC6CA6D1-772C-4D26-8786-A837B6A7DEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_pro:8.0_2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC2F765A-DB53-4DD9-8E63-B819D7506B71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_pro:8.0_3:*:*:*:*:*:*:*",
"matchCriteriaId": "2D40A899-6605-4AA0-A415-99E0792238EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:3.0_1:*:*:*:*:*:*:*",
"matchCriteriaId": "9B30C60A-2716-4464-A9CD-2649DC763037",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:4.01:*:*:*:*:*:*:*",
"matchCriteriaId": "44A4DEB6-8E4B-4DAD-911C-DCC26D4C9DCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A886D80F-D72C-4BDF-A65F-27CA82348C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4A0D7240-62C8-4003-A840-98E818709D9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BA99A58B-F751-4C04-B41B-CBE94998AA42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "51D8225C-A74A-451E-9589-F1E00E4728D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3C3438AF-FCF1-4D77-83D5-27B9989F0683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "843B6647-BF92-46D1-ADEE-92088D9AD1C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A4B80A25-3860-4CF5-B8ED-5370EBB42455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F7B58011-9D3B-432C-93B1-47938F7E2D43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "50BE9ECB-4799-48BD-B3BE-7EE27FE3AA40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CEBC59D2-405D-4374-812A-A3AEE0D6D594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "755C3FB5-5D5B-4732-86F9-68A6612BC819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "968C0544-A2F5-4FA6-A4B8-89113EE95B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E33B458B-F945-4D1A-81B7-F07CCC183C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D662A9-5D1B-465E-A4B1-A4C86BA207C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FBA7690C-8ADA-462E-B671-4D4CB243A483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29B11EAC-796C-43E4-A150-F3FE3F19A058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A71B59A7-9467-4729-9A24-D5291C059E66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4C1D0E89-C64F-4027-BF44-8F7159A5AE21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which allows remote attackers to gain access."
}
],
"id": "CVE-2004-1884",
"lastModified": "2024-11-20T23:51:58.520",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-03-23T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108006581418116\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/11206"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9953"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15558"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108006581418116\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/11206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9953"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15558"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-02-02 05:00
Modified
2024-11-20 23:28
Severity ?
Summary
WS_FTP server remote denial of service through cwd command.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ipswitch | ws_ftp_server | 1.0.1eval | |
| ipswitch | ws_ftp_server | 1.0.2eval |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:1.0.1eval:*:*:*:*:*:*:*",
"matchCriteriaId": "2FFFF21C-9F80-4BFC-B71C-E534F42020BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:1.0.2eval:*:*:*:*:*:*:*",
"matchCriteriaId": "EA1CFEE0-7707-4B3D-8E84-0C42F56F5666",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WS_FTP server remote denial of service through cwd command."
}
],
"id": "CVE-1999-0362",
"lastModified": "2024-11-20T23:28:33.363",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-02-02T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.eeye.com/html/Research/Advisories/AD02021999.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/217"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.eeye.com/html/Research/Advisories/AD02021999.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/217"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-09-22 04:00
Modified
2024-11-20 23:45
Severity ?
Summary
Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via long (1) APPE (append) or (2) STAT (status) arguments.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ipswitch | ws_ftp_server | 4.01 | |
| progress | ws_ftp_server | 3.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:4.01:*:*:*:*:*:*:*",
"matchCriteriaId": "44A4DEB6-8E4B-4DAD-911C-DCC26D4C9DCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29B11EAC-796C-43E4-A150-F3FE3F19A058",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via long (1) APPE (append) or (2) STAT (status) arguments."
},
{
"lang": "es",
"value": "M\u00faltiples desboradamientos de b\u00fafer en WS_FTP 3 y 4 permite a usuarios remotos autenticados causar una denegaci\u00f3n de servicio y posiblemente ejecutar c\u00f3digo arbitrario mediaten argumentos APPEND o STAT (estado) largos."
}
],
"id": "CVE-2003-0772",
"lastModified": "2024-11-20T23:45:29.347",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-09-22T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=106288825902868\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/9671"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/219140"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/792284"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/8542"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13119"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=106288825902868\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/9671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/219140"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/792284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/8542"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13119"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-02-02 21:28
Modified
2024-11-21 00:26
Severity ?
Summary
Ipswitch WS_FTP Server 5.04 allows FTP site administrators to execute arbitrary code on the system via a long input string to the (1) iFTPAddU or (2) iFTPAddH file, or to a (3) edition module.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ipswitch | ws_ftp_server | 5.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:5.04:*:*:*:*:*:*:*",
"matchCriteriaId": "5D884CFE-2E33-41FF-86B1-D4CE505ADEAB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Ipswitch WS_FTP Server 5.04 allows FTP site administrators to execute arbitrary code on the system via a long input string to the (1) iFTPAddU or (2) iFTPAddH file, or to a (3) edition module."
},
{
"lang": "es",
"value": "Ipswitch WS_FTP Server versi\u00f3n 5.04 permite a los administradores de sitios FTP ejecutar c\u00f3digo arbitrario en el sistema por medio de una larga cadena de entrada para los archivos (1) iFTPAddU o (2) iFTPAddH, o (3) para el m\u00f3dulo edition."
}
],
"id": "CVE-2007-0666",
"lastModified": "2024-11-21T00:26:26.603",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-02-02T21:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/33646"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/33647"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/458774/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/458932/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/458942/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/459023/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32176"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/33646"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/33647"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/458774/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/458932/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/458942/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/459023/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32176"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-09-19 01:07
Modified
2024-11-21 00:16
Severity ?
Summary
Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ipswitch | ws_ftp_server | 1.0.1eval | |
| ipswitch | ws_ftp_server | 1.0.2eval | |
| ipswitch | ws_ftp_server | 3.0_1 | |
| ipswitch | ws_ftp_server | 4.01 | |
| ipswitch | ws_ftp_server | 5.02 | |
| ipswitch | ws_ftp_server | 5.03 | |
| progress | ws_ftp_server | * | |
| progress | ws_ftp_server | 1.0.1 | |
| progress | ws_ftp_server | 1.0.1.e | |
| progress | ws_ftp_server | 1.0.2 | |
| progress | ws_ftp_server | 1.0.2.e | |
| progress | ws_ftp_server | 1.0.3 | |
| progress | ws_ftp_server | 1.0.4 | |
| progress | ws_ftp_server | 1.0.5 | |
| progress | ws_ftp_server | 2.0 | |
| progress | ws_ftp_server | 2.0.1 | |
| progress | ws_ftp_server | 2.0.2 | |
| progress | ws_ftp_server | 2.0.3 | |
| progress | ws_ftp_server | 2.0.4 | |
| progress | ws_ftp_server | 3.0 | |
| progress | ws_ftp_server | 3.1 | |
| progress | ws_ftp_server | 3.1.1 | |
| progress | ws_ftp_server | 3.1.2 | |
| progress | ws_ftp_server | 3.1.3 | |
| progress | ws_ftp_server | 3.4 | |
| progress | ws_ftp_server | 4.0 | |
| progress | ws_ftp_server | 4.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:1.0.1eval:*:*:*:*:*:*:*",
"matchCriteriaId": "2FFFF21C-9F80-4BFC-B71C-E534F42020BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:1.0.2eval:*:*:*:*:*:*:*",
"matchCriteriaId": "EA1CFEE0-7707-4B3D-8E84-0C42F56F5666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:3.0_1:*:*:*:*:*:*:*",
"matchCriteriaId": "9B30C60A-2716-4464-A9CD-2649DC763037",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:4.01:*:*:*:*:*:*:*",
"matchCriteriaId": "44A4DEB6-8E4B-4DAD-911C-DCC26D4C9DCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:5.02:*:*:*:*:*:*:*",
"matchCriteriaId": "4E0A22A5-FBBB-4B7D-A64D-8F021B60181F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:5.03:*:*:*:*:*:*:*",
"matchCriteriaId": "DA85C3EF-DAD2-4383-9E97-65B4D77A73E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50BFB437-2855-401A-AD99-D20A51F2DA82",
"versionEndIncluding": "5.05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A886D80F-D72C-4BDF-A65F-27CA82348C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:1.0.1.e:*:*:*:*:*:*:*",
"matchCriteriaId": "D9BE1954-74C5-4A91-9C9A-C0647F281017",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4A0D7240-62C8-4003-A840-98E818709D9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:1.0.2.e:*:*:*:*:*:*:*",
"matchCriteriaId": "3DE6789D-5DA5-489F-A900-F4788286ACE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BA99A58B-F751-4C04-B41B-CBE94998AA42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "51D8225C-A74A-451E-9589-F1E00E4728D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3C3438AF-FCF1-4D77-83D5-27B9989F0683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "843B6647-BF92-46D1-ADEE-92088D9AD1C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A4B80A25-3860-4CF5-B8ED-5370EBB42455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F7B58011-9D3B-432C-93B1-47938F7E2D43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "50BE9ECB-4799-48BD-B3BE-7EE27FE3AA40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CEBC59D2-405D-4374-812A-A3AEE0D6D594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "755C3FB5-5D5B-4732-86F9-68A6612BC819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "968C0544-A2F5-4FA6-A4B8-89113EE95B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E33B458B-F945-4D1A-81B7-F07CCC183C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D662A9-5D1B-465E-A4B1-A4C86BA207C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FBA7690C-8ADA-462E-B671-4D4CB243A483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29B11EAC-796C-43E4-A150-F3FE3F19A058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A71B59A7-9467-4729-9A24-D5291C059E66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:progress:ws_ftp_server:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4C1D0E89-C64F-4027-BF44-8F7159A5AE21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en Ipswitch WS_FTP Server 5.05 anterior al Hotfix 1 permiten a usuarios autenticados remotamente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de comandos largos (1) XCRC, (2) XSHA1, o (3) XMD5."
}
],
"evaluatorSolution": "This vulnerability is addressed in the following product update:\r\nIpswitch, WS_FTP Server, 5.05 Hotfix 1",
"id": "CVE-2006-4847",
"lastModified": "2024-11-21T00:16:53.137",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-09-19T01:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21932"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/28939"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/20076"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/3655"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28983"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21932"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/28939"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/20076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/3655"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28983"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}