Progress: >> Ws Ftp Server Security Vulnerabilities
Ipswitch WS_FTP Server 4.0.2 allows remote authenticated users to execute arbitrary programs as SYSTEM by using the SITE command to modify certain iFtpSvc options that are handled by iftpmgr.exe.
CVSS Score
7.2
EPSS Score
0.052
Published
2004-12-31
WS_FTP 5.0.2 allows remote authenticated users to cause a denial of service (CPU consumption) via a CD command that contains an invalid path with a "../" sequence.
CVSS Score
5.0
EPSS Score
0.095
Published
2004-08-29
Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which allows remote attackers to gain access.
CVSS Score
7.5
EPSS Score
0.003
Published
2004-03-23
Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via long (1) APPE (append) or (2) STAT (status) arguments.
CVSS Score
7.5
EPSS Score
0.832
Published
2003-09-22
Buffer overflow in WS_FTP FTP Server 3.1.1 allows remote authenticated users to execute arbitrary code via a long SITE CPWD command.
CVSS Score
7.5
EPSS Score
0.059
Published
2002-08-12
Buffer overflows in WS_FTP 2.02 allow remote attackers to execute arbitrary code via long arguments to (1) DELE, (2) MDTM, (3) MLST, (4) MKD, (5) RMD, (6) RNFR, (7) RNTO, (8) SIZE, (9) STAT, (10) XMKD, or (11) XRMD.
CVSS Score
7.5
EPSS Score
0.844
Published
2001-07-26
IPswitch WS_FTP allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920.
CVSS Score
4.6
EPSS Score
0.0
Published
1999-02-02
IPswitch IMail allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920.
CVSS Score
4.6
EPSS Score
0.0
Published
1999-01-02
Page 3