cvelistv5 - CVE-2006-4847

CVE-2006-4847

Vulnerability from cvelistv5

Published

2006-09-19 01:00

Modified

2024-08-07 19:23

Severity ?

Summary

Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands.

References

URL	Tags
cve@mitre.org	http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp	Patch
cve@mitre.org	http://secunia.com/advisories/21932	Patch, Vendor Advisory
cve@mitre.org	http://www.osvdb.org/28939
cve@mitre.org	http://www.securityfocus.com/bid/20076
cve@mitre.org	http://www.vupen.com/english/advisories/2006/3655
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/28983
af854a3a-2127-422b-91ae-364da2661108	http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp	Patch
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21932	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/28939
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/20076
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/3655
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/28983

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T19:23:41.399Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "21932",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21932"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp"
          },
          {
            "name": "ADV-2006-3655",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/3655"
          },
          {
            "name": "wsftp-xcrc-xsha1-xmd5-bo(28983)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28983"
          },
          {
            "name": "28939",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/28939"
          },
          {
            "name": "20076",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/20076"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-09-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "21932",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21932"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp"
        },
        {
          "name": "ADV-2006-3655",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/3655"
        },
        {
          "name": "wsftp-xcrc-xsha1-xmd5-bo(28983)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28983"
        },
        {
          "name": "28939",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/28939"
        },
        {
          "name": "20076",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/20076"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-4847",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "21932",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21932"
            },
            {
              "name": "http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp",
              "refsource": "CONFIRM",
              "url": "http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp"
            },
            {
              "name": "ADV-2006-3655",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/3655"
            },
            {
              "name": "wsftp-xcrc-xsha1-xmd5-bo(28983)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28983"
            },
            {
              "name": "28939",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/28939"
            },
            {
              "name": "20076",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/20076"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-4847",
    "datePublished": "2006-09-19T01:00:00",
    "dateReserved": "2006-09-18T00:00:00",
    "dateUpdated": "2024-08-07T19:23:41.399Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-4847\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-09-19T01:07:00.000\",\"lastModified\":\"2024-11-21T00:16:53.137\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples desbordamientos de b\u00fafer en Ipswitch WS_FTP Server 5.05 anterior al Hotfix 1 permiten a usuarios autenticados remotamente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de comandos largos (1) XCRC, (2) XSHA1, o (3) XMD5.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":6.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":true,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ipswitch:ws_ftp_server:1.0.1eval:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FFFF21C-9F80-4BFC-B71C-E534F42020BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ipswitch:ws_ftp_server:1.0.2eval:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA1CFEE0-7707-4B3D-8E84-0C42F56F5666\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ipswitch:ws_ftp_server:3.0_1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B30C60A-2716-4464-A9CD-2649DC763037\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ipswitch:ws_ftp_server:4.01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44A4DEB6-8E4B-4DAD-911C-DCC26D4C9DCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ipswitch:ws_ftp_server:5.02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E0A22A5-FBBB-4B7D-A64D-8F021B60181F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ipswitch:ws_ftp_server:5.03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA85C3EF-DAD2-4383-9E97-65B4D77A73E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:ws_ftp_server:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.05\",\"matchCriteriaId\":\"50BFB437-2855-401A-AD99-D20A51F2DA82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:ws_ftp_server:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A886D80F-D72C-4BDF-A65F-27CA82348C48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:ws_ftp_server:1.0.1.e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9BE1954-74C5-4A91-9C9A-C0647F281017\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:ws_ftp_server:1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A0D7240-62C8-4003-A840-98E818709D9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:ws_ftp_server:1.0.2.e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DE6789D-5DA5-489F-A900-F4788286ACE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:ws_ftp_server:1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA99A58B-F751-4C04-B41B-CBE94998AA42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:ws_ftp_server:1.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51D8225C-A74A-451E-9589-F1E00E4728D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:ws_ftp_server:1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C3438AF-FCF1-4D77-83D5-27B9989F0683\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:ws_ftp_server:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"843B6647-BF92-46D1-ADEE-92088D9AD1C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:ws_ftp_server:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4B80A25-3860-4CF5-B8ED-5370EBB42455\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:ws_ftp_server:2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7B58011-9D3B-432C-93B1-47938F7E2D43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:ws_ftp_server:2.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50BE9ECB-4799-48BD-B3BE-7EE27FE3AA40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:ws_ftp_server:2.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEBC59D2-405D-4374-812A-A3AEE0D6D594\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:ws_ftp_server:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"755C3FB5-5D5B-4732-86F9-68A6612BC819\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:ws_ftp_server:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"968C0544-A2F5-4FA6-A4B8-89113EE95B0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:ws_ftp_server:3.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E33B458B-F945-4D1A-81B7-F07CCC183C14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:ws_ftp_server:3.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9D662A9-5D1B-465E-A4B1-A4C86BA207C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:ws_ftp_server:3.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBA7690C-8ADA-462E-B671-4D4CB243A483\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:ws_ftp_server:3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29B11EAC-796C-43E4-A150-F3FE3F19A058\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:ws_ftp_server:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A71B59A7-9467-4729-9A24-D5291C059E66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:ws_ftp_server:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C1D0E89-C64F-4027-BF44-8F7159A5AE21\"}]}]}],\"references\":[{\"url\":\"http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://secunia.com/advisories/21932\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/28939\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/20076\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/3655\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/28983\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://secunia.com/advisories/21932\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/28939\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/20076\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/3655\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/28983\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"evaluatorSolution\":\"This vulnerability is addressed in the following product update:\\r\\nIpswitch, WS_FTP Server, 5.05 Hotfix 1\"}}"
  }
}

gsd-2006-4847

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands.

Aliases

CVE-2006-4847

Aliases

CVE-2006-4847

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-4847",
    "description": "Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands.",
    "id": "GSD-2006-4847",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2006-4847"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-4847"
      ],
      "details": "Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands.",
      "id": "GSD-2006-4847",
      "modified": "2023-12-13T01:19:51.961673Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-4847",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "21932",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/21932"
          },
          {
            "name": "http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp",
            "refsource": "CONFIRM",
            "url": "http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp"
          },
          {
            "name": "ADV-2006-3655",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/3655"
          },
          {
            "name": "wsftp-xcrc-xsha1-xmd5-bo(28983)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28983"
          },
          {
            "name": "28939",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/28939"
          },
          {
            "name": "20076",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/20076"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ipswitch:ws_ftp_server:5.02:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ipswitch:ws_ftp_server:4.01:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ipswitch:ws_ftp_server:3.0_1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ipswitch:ws_ftp_server:1.0.1eval:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ipswitch:ws_ftp_server:5.03:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ipswitch:ws_ftp_server:1.0.2eval:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:progress:ws_ftp_server:1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:progress:ws_ftp_server:1.0.1.e:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:progress:ws_ftp_server:1.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:progress:ws_ftp_server:1.0.2.e:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:progress:ws_ftp_server:1.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:progress:ws_ftp_server:1.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:progress:ws_ftp_server:1.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:progress:ws_ftp_server:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:progress:ws_ftp_server:2.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:progress:ws_ftp_server:2.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:progress:ws_ftp_server:2.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:progress:ws_ftp_server:2.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:progress:ws_ftp_server:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:progress:ws_ftp_server:3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:progress:ws_ftp_server:3.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:progress:ws_ftp_server:3.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:progress:ws_ftp_server:3.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:progress:ws_ftp_server:3.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:progress:ws_ftp_server:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:progress:ws_ftp_server:4.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:progress:ws_ftp_server:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "5.05",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-4847"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp"
            },
            {
              "name": "21932",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/21932"
            },
            {
              "name": "20076",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/20076"
            },
            {
              "name": "28939",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/28939"
            },
            {
              "name": "ADV-2006-3655",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/3655"
            },
            {
              "name": "wsftp-xcrc-xsha1-xmd5-bo(28983)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28983"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": true,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2023-10-11T14:45Z",
      "publishedDate": "2006-09-19T01:07Z"
    }
  }
}

ghsa-hvr7-p2v4-62j2

Vulnerability from github

Published

2022-05-01 07:22

Modified

2022-05-01 07:22

Details

Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-4847"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-09-19T01:07:00Z",
    "severity": "MODERATE"
  },
  "details": "Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands.",
  "id": "GHSA-hvr7-p2v4-62j2",
  "modified": "2022-05-01T07:22:29Z",
  "published": "2022-05-01T07:22:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-4847"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28983"
    },
    {
      "type": "WEB",
      "url": "http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/21932"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/28939"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/20076"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/3655"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands. Ipswitch WS_FTP Server is prone to a number of stack-overflow vulnerabilities. Updates are available. A successful exploit may lead to remote arbitrary code execution with administrative privileges, facilitating the complete compromise of affected computers. Ipswitch WS_FTP Server 5.04 and 5.05 are vulnerable to these issues; other versions may also be affected. Ipswitch WS_FTP Server is an FTP service program suitable for Windows systems. There is a typical stack overflow vulnerability in WS_FTP when processing super long XCRC/XSHA1/XMD5 extended command parameters. The exploitation of the vulnerability requires the user to log in to the system with a legal account, but No writable directory is required.

Want to work within IT-Security?

Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit.

Currently the following type of positions are available: http://secunia.com/quality_assurance_analyst/ http://secunia.com/web_application_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/

TITLE: WS_FTP Server FTP Commands Buffer Overflow Vulnerability

SECUNIA ADVISORY ID: SA21932

VERIFY ADVISORY: http://secunia.com/advisories/21932/

CRITICAL: Moderately critical

IMPACT: System access

WHERE:

From remote

SOFTWARE: WS_FTP Server 5.x http://secunia.com/product/3853/

DESCRIPTION: A vulnerability have been reported in WS_FTP Server, which can be exploited by malicious users to compromise a vulnerable system.

The vulnerability is due to a boundary error when parsing arguments to the "XCRC", "XSHA1", and "XMD5" commands. This can be exploited to cause stack-based buffer overflows via overly long command arguments.

The vulnerability has been reported in version 5.05.

SOLUTION: Apply patch. http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

ORIGINAL ADVISORY: http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200609-0297",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ipswitch",
        "version": "5.03"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ipswitch",
        "version": "4.01"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "ipswitch",
        "version": "5.02"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "progress",
        "version": "3.1.1"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "progress",
        "version": "1.0.2"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "progress",
        "version": "2.0.1"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "progress",
        "version": "2.0.2"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "progress",
        "version": "1.0.1.e"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "progress",
        "version": "3.0"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "progress",
        "version": "3.4"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "progress",
        "version": "2.0.4"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "progress",
        "version": "1.0.5"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "progress",
        "version": "3.1"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "progress",
        "version": "3.1.2"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "progress",
        "version": "2.0.3"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "progress",
        "version": "4.0.2"
      },
      {
        "model": "ws ftp server",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "progress",
        "version": "5.05"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "progress",
        "version": "1.0.3"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ipswitch",
        "version": "1.0.2eval"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "progress",
        "version": "1.0.1"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ipswitch",
        "version": "1.0.1eval"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "progress",
        "version": "4.0"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "progress",
        "version": "3.1.3"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ipswitch",
        "version": "3.0_1"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "progress",
        "version": "1.0.2.e"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "progress",
        "version": "2.0"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "progress",
        "version": "1.0.4"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "ipswitch",
        "version": "5.05"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "ipswitch",
        "version": "hotfix 1"
      },
      {
        "model": "ws ftp server",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "ipswitch",
        "version": "5.05"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ipswitch",
        "version": "4.0"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ipswitch",
        "version": "4.0.2"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ipswitch",
        "version": "3.4"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ipswitch",
        "version": "3.1.3"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ipswitch",
        "version": "3.1.1"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ipswitch",
        "version": "3.1.2"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "5.04"
      },
      {
        "model": "ws ftp server hotfix",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "5.051"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "20076"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002114"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-295"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4847"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:ipswitch:ws_ftp_server",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002114"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "This vulnerability was discovered by an anonymous researcher.",
    "sources": [
      {
        "db": "BID",
        "id": "20076"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2006-4847",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "CVE-2006-4847",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.0,
            "id": "VHN-20955",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2006-4847",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2006-4847",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200609-295",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-20955",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-20955"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002114"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-295"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4847"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands. Ipswitch WS_FTP Server is prone to a number of stack-overflow vulnerabilities. Updates are available. \nA successful exploit may lead to remote arbitrary code execution with administrative privileges, facilitating the complete compromise of affected computers. \nIpswitch WS_FTP Server 5.04 and 5.05 are vulnerable to these issues; other versions may also be affected. Ipswitch WS_FTP Server is an FTP service program suitable for Windows systems. There is a typical stack overflow vulnerability in WS_FTP when processing super long XCRC/XSHA1/XMD5 extended command parameters. The exploitation of the vulnerability requires the user to log in to the system with a legal account, but No writable directory is required. \n\n----------------------------------------------------------------------\n\nWant to work within IT-Security?\n\nSecunia is expanding its team of highly skilled security experts. \nWe will help with relocation and obtaining a work permit. \n\nCurrently the following type of positions are available:\nhttp://secunia.com/quality_assurance_analyst/\nhttp://secunia.com/web_application_security_specialist/ \nhttp://secunia.com/hardcore_disassembler_and_reverse_engineer/\n\n----------------------------------------------------------------------\n\nTITLE:\nWS_FTP Server FTP Commands Buffer Overflow Vulnerability\n\nSECUNIA ADVISORY ID:\nSA21932\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/21932/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nWS_FTP Server 5.x\nhttp://secunia.com/product/3853/\n\nDESCRIPTION:\nA vulnerability have been reported in WS_FTP Server, which can be\nexploited by malicious users to compromise a vulnerable system. \n\nThe vulnerability is due to a boundary error when parsing arguments\nto the \"XCRC\", \"XSHA1\", and \"XMD5\" commands. This can be exploited to\ncause stack-based buffer overflows via overly long command arguments. \n\nThe vulnerability has been reported in version 5.05. \n\nSOLUTION:\nApply patch. \nhttp://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp\n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-4847"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002114"
      },
      {
        "db": "BID",
        "id": "20076"
      },
      {
        "db": "VULHUB",
        "id": "VHN-20955"
      },
      {
        "db": "PACKETSTORM",
        "id": "50127"
      }
    ],
    "trust": 2.07
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-20955",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-20955"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2006-4847",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "20076",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "21932",
        "trust": 1.8
      },
      {
        "db": "OSVDB",
        "id": "28939",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2006-3655",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002114",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-295",
        "trust": 0.7
      },
      {
        "db": "PACKETSTORM",
        "id": "82965",
        "trust": 0.1
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-71222",
        "trust": 0.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "16717",
        "trust": 0.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "3335",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-20955",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "50127",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-20955"
      },
      {
        "db": "BID",
        "id": "20076"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002114"
      },
      {
        "db": "PACKETSTORM",
        "id": "50127"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-295"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4847"
      }
    ]
  },
  "id": "VAR-200609-0297",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-20955"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T21:57:32.645000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "WS_FTP Server 5.05 Hotfix 1",
        "trust": 0.8,
        "url": "http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp"
      },
      {
        "title": "Ipswitch WS_FTP Server Buffer Overflow Vulnerability Fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=96806"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002114"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-295"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-4847"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/20076"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/28939"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/21932"
      },
      {
        "trust": 1.7,
        "url": "http://www.vupen.com/english/advisories/2006/3655"
      },
      {
        "trust": 1.7,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28983"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4847"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4847"
      },
      {
        "trust": 0.3,
        "url": "http://www.ipswitch.com/products/ws_ftp/home/index.asp"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/447077"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/21932/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/quality_assurance_analyst/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/web_application_security_specialist/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/3853/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-20955"
      },
      {
        "db": "BID",
        "id": "20076"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002114"
      },
      {
        "db": "PACKETSTORM",
        "id": "50127"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-295"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4847"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-20955"
      },
      {
        "db": "BID",
        "id": "20076"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002114"
      },
      {
        "db": "PACKETSTORM",
        "id": "50127"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-295"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-4847"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2006-09-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-20955"
      },
      {
        "date": "2006-09-14T00:00:00",
        "db": "BID",
        "id": "20076"
      },
      {
        "date": "2012-09-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-002114"
      },
      {
        "date": "2006-09-21T23:56:25",
        "db": "PACKETSTORM",
        "id": "50127"
      },
      {
        "date": "2006-09-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200609-295"
      },
      {
        "date": "2006-09-19T01:07:00",
        "db": "NVD",
        "id": "CVE-2006-4847"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-08-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-20955"
      },
      {
        "date": "2016-07-05T21:38:00",
        "db": "BID",
        "id": "20076"
      },
      {
        "date": "2012-09-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-002114"
      },
      {
        "date": "2019-08-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200609-295"
      },
      {
        "date": "2024-11-21T00:16:53.137000",
        "db": "NVD",
        "id": "CVE-2006-4847"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-295"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ipswitch WS_FTP Server Vulnerable to buffer overflow",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-002114"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200609-295"
      }
    ],
    "trust": 0.6
  }
}

fkie_cve-2006-4847

Vulnerability from fkie_nvd

Published

2006-09-19 01:07

Modified

2024-11-21 00:16

Severity ?

Summary

Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands.

References

URL	Tags
cve@mitre.org	http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp	Patch
cve@mitre.org	http://secunia.com/advisories/21932	Patch, Vendor Advisory
cve@mitre.org	http://www.osvdb.org/28939
cve@mitre.org	http://www.securityfocus.com/bid/20076
cve@mitre.org	http://www.vupen.com/english/advisories/2006/3655
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/28983
af854a3a-2127-422b-91ae-364da2661108	http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp	Patch
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21932	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/28939
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/20076
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/3655
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/28983

Impacted products

Vendor	Product	Version
ipswitch	ws_ftp_server	1.0.1eval
ipswitch	ws_ftp_server	1.0.2eval
ipswitch	ws_ftp_server	3.0_1
ipswitch	ws_ftp_server	4.01
ipswitch	ws_ftp_server	5.02
ipswitch	ws_ftp_server	5.03
progress	ws_ftp_server	*
progress	ws_ftp_server	1.0.1
progress	ws_ftp_server	1.0.1.e
progress	ws_ftp_server	1.0.2
progress	ws_ftp_server	1.0.2.e
progress	ws_ftp_server	1.0.3
progress	ws_ftp_server	1.0.4
progress	ws_ftp_server	1.0.5
progress	ws_ftp_server	2.0
progress	ws_ftp_server	2.0.1
progress	ws_ftp_server	2.0.2
progress	ws_ftp_server	2.0.3
progress	ws_ftp_server	2.0.4
progress	ws_ftp_server	3.0
progress	ws_ftp_server	3.1
progress	ws_ftp_server	3.1.1
progress	ws_ftp_server	3.1.2
progress	ws_ftp_server	3.1.3
progress	ws_ftp_server	3.4
progress	ws_ftp_server	4.0
progress	ws_ftp_server	4.0.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:1.0.1eval:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FFFF21C-9F80-4BFC-B71C-E534F42020BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:1.0.2eval:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA1CFEE0-7707-4B3D-8E84-0C42F56F5666",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:3.0_1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B30C60A-2716-4464-A9CD-2649DC763037",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:4.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "44A4DEB6-8E4B-4DAD-911C-DCC26D4C9DCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:5.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E0A22A5-FBBB-4B7D-A64D-8F021B60181F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:5.03:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA85C3EF-DAD2-4383-9E97-65B4D77A73E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:progress:ws_ftp_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "50BFB437-2855-401A-AD99-D20A51F2DA82",
              "versionEndIncluding": "5.05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:progress:ws_ftp_server:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A886D80F-D72C-4BDF-A65F-27CA82348C48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:progress:ws_ftp_server:1.0.1.e:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9BE1954-74C5-4A91-9C9A-C0647F281017",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:progress:ws_ftp_server:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A0D7240-62C8-4003-A840-98E818709D9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:progress:ws_ftp_server:1.0.2.e:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DE6789D-5DA5-489F-A900-F4788286ACE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:progress:ws_ftp_server:1.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA99A58B-F751-4C04-B41B-CBE94998AA42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:progress:ws_ftp_server:1.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "51D8225C-A74A-451E-9589-F1E00E4728D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:progress:ws_ftp_server:1.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C3438AF-FCF1-4D77-83D5-27B9989F0683",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:progress:ws_ftp_server:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "843B6647-BF92-46D1-ADEE-92088D9AD1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:progress:ws_ftp_server:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4B80A25-3860-4CF5-B8ED-5370EBB42455",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:progress:ws_ftp_server:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7B58011-9D3B-432C-93B1-47938F7E2D43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:progress:ws_ftp_server:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "50BE9ECB-4799-48BD-B3BE-7EE27FE3AA40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:progress:ws_ftp_server:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEBC59D2-405D-4374-812A-A3AEE0D6D594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:progress:ws_ftp_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "755C3FB5-5D5B-4732-86F9-68A6612BC819",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:progress:ws_ftp_server:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "968C0544-A2F5-4FA6-A4B8-89113EE95B0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:progress:ws_ftp_server:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E33B458B-F945-4D1A-81B7-F07CCC183C14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:progress:ws_ftp_server:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9D662A9-5D1B-465E-A4B1-A4C86BA207C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:progress:ws_ftp_server:3.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA7690C-8ADA-462E-B671-4D4CB243A483",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:progress:ws_ftp_server:3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "29B11EAC-796C-43E4-A150-F3FE3F19A058",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:progress:ws_ftp_server:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A71B59A7-9467-4729-9A24-D5291C059E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:progress:ws_ftp_server:4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C1D0E89-C64F-4027-BF44-8F7159A5AE21",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer en Ipswitch WS_FTP Server 5.05 anterior al Hotfix 1 permiten a usuarios autenticados remotamente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de comandos largos (1) XCRC, (2) XSHA1, o (3) XMD5."
    }
  ],
  "evaluatorSolution": "This vulnerability is addressed in the following product update:\r\nIpswitch, WS_FTP Server, 5.05 Hotfix 1",
  "id": "CVE-2006-4847",
  "lastModified": "2024-11-21T00:16:53.137",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-09-19T01:07:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21932"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/28939"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/20076"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/3655"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28983"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21932"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/28939"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/20076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/3655"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28983"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2006-4847

Vulnerability from cvelistv5

gsd-2006-4847

Vulnerability from gsd

ghsa-hvr7-p2v4-62j2

Vulnerability from github

var-200609-0297

Vulnerability from variot

fkie_cve-2006-4847

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature