cvelistv5 - cve-2004-1883

cve-2004-1883

Vulnerability from cvelistv5

Published

2005-05-10 04:00

Modified

2024-08-08 01:07

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://marc.info/?l=bugtraq&m=108006553222397&w=2
cve@mitre.org	http://secunia.com/advisories/11206	Patch
cve@mitre.org	http://www.securityfocus.com/archive/1/358361
cve@mitre.org	http://www.securityfocus.com/bid/9953
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/15561
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=108006553222397&w=2
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/11206	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/358361
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/9953
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/15561

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:07:48.899Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "11206",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/11206"
          },
          {
            "name": "9953",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/9953"
          },
          {
            "name": "20040323 Think of the buffers! Won\u0027t somebody think of the buffers?!",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/358361"
          },
          {
            "name": "wsftp-allo-bo(15561)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15561"
          },
          {
            "name": "20040323 ALLO ALLO WS_FTP Server",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=108006553222397\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-03-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple buffer overflows in Ipswitch WS_FTP Server 4.0.2 (1) allow remote authenticated users to execute arbitrary code by causing a large error string to be generated by the ALLO handler, or (2) may allow remote FTP administrators to execute arbitrary code by causing a long hostname or username to be inserted into a reply to a STAT command while a file is being transferred."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "11206",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/11206"
        },
        {
          "name": "9953",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/9953"
        },
        {
          "name": "20040323 Think of the buffers! Won\u0027t somebody think of the buffers?!",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/358361"
        },
        {
          "name": "wsftp-allo-bo(15561)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15561"
        },
        {
          "name": "20040323 ALLO ALLO WS_FTP Server",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=108006553222397\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1883",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple buffer overflows in Ipswitch WS_FTP Server 4.0.2 (1) allow remote authenticated users to execute arbitrary code by causing a large error string to be generated by the ALLO handler, or (2) may allow remote FTP administrators to execute arbitrary code by causing a long hostname or username to be inserted into a reply to a STAT command while a file is being transferred."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "11206",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/11206"
            },
            {
              "name": "9953",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/9953"
            },
            {
              "name": "20040323 Think of the buffers! Won\u0027t somebody think of the buffers?!",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/358361"
            },
            {
              "name": "wsftp-allo-bo(15561)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15561"
            },
            {
              "name": "20040323 ALLO ALLO WS_FTP Server",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=108006553222397\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1883",
    "datePublished": "2005-05-10T04:00:00",
    "dateReserved": "2005-05-04T00:00:00",
    "dateUpdated": "2024-08-08T01:07:48.899Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2004-1883\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2004-12-31T05:00:00.000\",\"lastModified\":\"2024-11-20T23:51:58.373\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple buffer overflows in Ipswitch WS_FTP Server 4.0.2 (1) allow remote authenticated users to execute arbitrary code by causing a large error string to be generated by the ALLO handler, or (2) may allow remote FTP administrators to execute arbitrary code by causing a long hostname or username to be inserted into a reply to a STAT command while a file is being transferred.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:progress:ws_ftp_server:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C1D0E89-C64F-4027-BF44-8F7159A5AE21\"}]}]}],\"references\":[{\"url\":\"http://marc.info/?l=bugtraq\u0026m=108006553222397\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/11206\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/archive/1/358361\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/9953\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/15561\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=108006553222397\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/11206\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/archive/1/358361\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/9953\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/15561\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

gsd-2004-1883

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aliases

CVE-2004-1883

Aliases

CVE-2004-1883

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2004-1883",
    "description": "Multiple buffer overflows in Ipswitch WS_FTP Server 4.0.2 (1) allow remote authenticated users to execute arbitrary code by causing a large error string to be generated by the ALLO handler, or (2) may allow remote FTP administrators to execute arbitrary code by causing a long hostname or username to be inserted into a reply to a STAT command while a file is being transferred.",
    "id": "GSD-2004-1883"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2004-1883"
      ],
      "details": "Multiple buffer overflows in Ipswitch WS_FTP Server 4.0.2 (1) allow remote authenticated users to execute arbitrary code by causing a large error string to be generated by the ALLO handler, or (2) may allow remote FTP administrators to execute arbitrary code by causing a long hostname or username to be inserted into a reply to a STAT command while a file is being transferred.",
      "id": "GSD-2004-1883",
      "modified": "2023-12-13T01:22:55.870414Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2004-1883",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple buffer overflows in Ipswitch WS_FTP Server 4.0.2 (1) allow remote authenticated users to execute arbitrary code by causing a large error string to be generated by the ALLO handler, or (2) may allow remote FTP administrators to execute arbitrary code by causing a long hostname or username to be inserted into a reply to a STAT command while a file is being transferred."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "11206",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/11206"
          },
          {
            "name": "9953",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/9953"
          },
          {
            "name": "20040323 Think of the buffers! Won\u0027t somebody think of the buffers?!",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/358361"
          },
          {
            "name": "wsftp-allo-bo(15561)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15561"
          },
          {
            "name": "20040323 ALLO ALLO WS_FTP Server",
            "refsource": "BUGTRAQ",
            "url": "http://marc.info/?l=bugtraq\u0026m=108006553222397\u0026w=2"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:progress:ws_ftp_server:4.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1883"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple buffer overflows in Ipswitch WS_FTP Server 4.0.2 (1) allow remote authenticated users to execute arbitrary code by causing a large error string to be generated by the ALLO handler, or (2) may allow remote FTP administrators to execute arbitrary code by causing a long hostname or username to be inserted into a reply to a STAT command while a file is being transferred."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20040323 Think of the buffers! Won\u0027t somebody think of the buffers?!",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/358361"
            },
            {
              "name": "9953",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/9953"
            },
            {
              "name": "11206",
              "refsource": "SECUNIA",
              "tags": [
                "Patch"
              ],
              "url": "http://secunia.com/advisories/11206"
            },
            {
              "name": "20040323 ALLO ALLO WS_FTP Server",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://marc.info/?l=bugtraq\u0026m=108006553222397\u0026w=2"
            },
            {
              "name": "wsftp-allo-bo(15561)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15561"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2023-10-11T14:45Z",
      "publishedDate": "2004-12-31T05:00Z"
    }
  }
}

Multiple buffer overflows in Ipswitch WS_FTP Server 4.0.2 (1) allow remote authenticated users to execute arbitrary code by causing a large error string to be generated by the ALLO handler, or (2) may allow remote FTP administrators to execute arbitrary code by causing a long hostname or username to be inserted into a reply to a STAT command while a file is being transferred. Multiple vulnerabilities have been identified in the WS_FTP Server and client applications. The issues include two remote buffer overflow vulnerabilities in the client, a denial of service vulnerability in the server and an access validation issue in the server leading to remote command execution with SYSTEM privileges. These issues are undergoing further analysis. This BID will be divided into separate issues as analysis is completed. Progress Software Ipswitch WS_FTP Server is a set of FTP server software developed by Progress Software Company in the United States. It provides functions such as file transfer control and transfer encryption. A buffer error vulnerability exists in Progress Software Ipswitch WS_FTP Server version 4.0.2

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200412-1139",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "progress",
        "version": "4.0.2"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ipswitch",
        "version": "4.0.2"
      },
      {
        "model": "ws ftp pro",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "8.03"
      },
      {
        "model": "ws ftp pro",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "8.02"
      },
      {
        "model": "ws ftp pro",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "7.5"
      },
      {
        "model": "ws ftp pro",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "6.0"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "4.02"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "4.01"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "4.0"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "3.4"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "3.1.3"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "3.1.2"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "3.1.1"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "3.1"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "3.01"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "3.0"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "2.0.4"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "2.0.3"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "2.0.2"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "2.0.1"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "2.0"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "1.0.5"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "1.0.4"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "1.0.3"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "1.0.2"
      },
      {
        "model": "ws ftp server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ipswitch",
        "version": "1.0.1"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "9953"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-294"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-1883"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Discovery is credited to Hugh Mann \u003chughmann@hotmail.com\u003e.",
    "sources": [
      {
        "db": "BID",
        "id": "9953"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-294"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2004-1883",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2004-1883",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.0,
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.9,
            "id": "VHN-10312",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2004-1883",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200412-294",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-10312",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-10312"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-294"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-1883"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple buffer overflows in Ipswitch WS_FTP Server 4.0.2 (1) allow remote authenticated users to execute arbitrary code by causing a large error string to be generated by the ALLO handler, or (2) may allow remote FTP administrators to execute arbitrary code by causing a long hostname or username to be inserted into a reply to a STAT command while a file is being transferred. Multiple vulnerabilities have been identified in the WS_FTP Server and client applications. \nThe issues include two remote buffer overflow vulnerabilities in the client, a denial of service vulnerability in the server and an access validation issue in the server leading to remote command execution with SYSTEM privileges. \nThese issues are undergoing further analysis.  This BID will be divided into separate issues as analysis is completed. Progress Software Ipswitch WS_FTP Server is a set of FTP server software developed by Progress Software Company in the United States. It provides functions such as file transfer control and transfer encryption. A buffer error vulnerability exists in Progress Software Ipswitch WS_FTP Server version 4.0.2",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-1883"
      },
      {
        "db": "BID",
        "id": "9953"
      },
      {
        "db": "VULHUB",
        "id": "VHN-10312"
      }
    ],
    "trust": 1.26
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-10312",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-10312"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "9953",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "11206",
        "trust": 1.7
      },
      {
        "db": "NVD",
        "id": "CVE-2004-1883",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-294",
        "trust": 0.7
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-62778",
        "trust": 0.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "165",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-10312",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-10312"
      },
      {
        "db": "BID",
        "id": "9953"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-294"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-1883"
      }
    ]
  },
  "id": "VAR-200412-1139",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-10312"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T22:36:38.483000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-1883"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/9953"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/archive/1/358361"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/11206"
      },
      {
        "trust": 1.7,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15561"
      },
      {
        "trust": 1.6,
        "url": "http://marc.info/?l=bugtraq\u0026m=108006553222397\u0026w=2"
      },
      {
        "trust": 0.3,
        "url": "http://www.ipswitch.com/"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/358356"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/358363"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/358357"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/358361"
      },
      {
        "trust": 0.1,
        "url": "http://marc.info/?l=bugtraq\u0026amp;m=108006553222397\u0026amp;w=2"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-10312"
      },
      {
        "db": "BID",
        "id": "9953"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-294"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-1883"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-10312"
      },
      {
        "db": "BID",
        "id": "9953"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-294"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-1883"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2004-12-31T00:00:00",
        "db": "VULHUB",
        "id": "VHN-10312"
      },
      {
        "date": "2004-03-23T00:00:00",
        "db": "BID",
        "id": "9953"
      },
      {
        "date": "2004-12-31T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200412-294"
      },
      {
        "date": "2004-12-31T05:00:00",
        "db": "NVD",
        "id": "CVE-2004-1883"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-08-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-10312"
      },
      {
        "date": "2004-03-23T00:00:00",
        "db": "BID",
        "id": "9953"
      },
      {
        "date": "2020-05-11T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200412-294"
      },
      {
        "date": "2024-11-20T23:51:58.373000",
        "db": "NVD",
        "id": "CVE-2004-1883"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-294"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Progress Software Ipswitch WS_FTP Server Buffer error vulnerability",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-294"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-294"
      }
    ],
    "trust": 0.6
  }
}

ghsa-w48h-f732-2m7j

Vulnerability from github

Published

2022-04-29 03:00

Modified

2022-04-29 03:00

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2004-1883"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2004-12-31T05:00:00Z",
    "severity": "HIGH"
  },
  "details": "Multiple buffer overflows in Ipswitch WS_FTP Server 4.0.2 (1) allow remote authenticated users to execute arbitrary code by causing a large error string to be generated by the ALLO handler, or (2) may allow remote FTP administrators to execute arbitrary code by causing a long hostname or username to be inserted into a reply to a STAT command while a file is being transferred.",
  "id": "GHSA-w48h-f732-2m7j",
  "modified": "2022-04-29T03:00:24Z",
  "published": "2022-04-29T03:00:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2004-1883"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15561"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=108006553222397\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/11206"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/358361"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/9953"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

fkie_cve-2004-1883

Vulnerability from fkie_nvd

Published

2004-12-31 05:00

Modified

2024-11-20 23:51

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://marc.info/?l=bugtraq&m=108006553222397&w=2
cve@mitre.org	http://secunia.com/advisories/11206	Patch
cve@mitre.org	http://www.securityfocus.com/archive/1/358361
cve@mitre.org	http://www.securityfocus.com/bid/9953
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/15561
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=108006553222397&w=2
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/11206	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/358361
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/9953
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/15561

Impacted products

	Vendor	Product	Version
	progress	ws_ftp_server	4.0.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:progress:ws_ftp_server:4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C1D0E89-C64F-4027-BF44-8F7159A5AE21",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple buffer overflows in Ipswitch WS_FTP Server 4.0.2 (1) allow remote authenticated users to execute arbitrary code by causing a large error string to be generated by the ALLO handler, or (2) may allow remote FTP administrators to execute arbitrary code by causing a long hostname or username to be inserted into a reply to a STAT command while a file is being transferred."
    }
  ],
  "id": "CVE-2004-1883",
  "lastModified": "2024-11-20T23:51:58.373",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=108006553222397\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://secunia.com/advisories/11206"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/358361"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/9953"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15561"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=108006553222397\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://secunia.com/advisories/11206"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/358361"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/9953"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15561"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2004-1883

Vulnerability from cvelistv5

gsd-2004-1883

Vulnerability from gsd

var-200412-1139

Vulnerability from variot

ghsa-w48h-f732-2m7j

Vulnerability from github

fkie_cve-2004-1883

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature