WS_FTP Server < 5.04 Multiple Vulnerabilities (2)

critical Nessus Network Monitor Plugin ID 2436

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

This host is running a vulnerable version of WS_FTP Server. Versions up to and including 5.03 are reported prone to multiple buffer overflows that may be used by an attacker to execute arbitary code on the remote system.

Solution

Upgrade to version 5.04 or higher.

Plugin Details

Severity: Critical

ID: 2436

Family: FTP Servers

Published: 11/30/2004

Updated: 3/6/2019

Nessus ID: 15857

Risk Information

VPR

Risk Factor: Medium

Score: 5.1

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:ipswitch:ws_ftp_server

Exploitable With

Metasploit (WS-FTP Server 5.03 MKD Overflow)

Reference Information

CVE: CVE-2004-1135

BID: 11772

Detections

Analytics