CVE-2004-1848

Severity

50%

Complexity

99%

Confidentiality

48%

Ipswitch WS_FTP Server 4.0.2 allows remote attackers to cause a denial of service (disk consumption) and bypass file size restrictions via a REST command with a large size argument, followed by a STOR of a smaller file.

CVSS 2.0 Base Score 5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P).

Overview

Type

Progress Ipswitch WS_FTP Server

First reported 20 years ago

2004-12-31 05:00:00

Last updated 5 years ago

2019-08-13 14:39:00

Affected Software

Progress Ipswitch WS_FTP Server 1.0.1

1.0.1

Progress Ipswitch WS_FTP Server 1.0.2

1.0.2

Progress Ipswitch WS_FTP Server 1.0.3

1.0.3

Progress Ipswitch WS_FTP Server 1.0.4

1.0.4

Progress Ipswitch WS_FTP Server 1.0.5

1.0.5

Progress Ipswitch WS_FTP Server 2.0

2.0

Progress Ipswitch WS_FTP Server 2.0.1

2.0.1

Progress Ipswitch WS_FTP Server 2.0.2

2.0.2

Progress Ipswitch WS_FTP Server 2.0.3

2.0.3

Progress Ipswitch WS_FTP Server 2.0.4

2.0.4

Progress Ipswitch WS_FTP Server 3.0

3.0

Progress Ipswitch WS_FTP Server 3.1

3.1

Progress Ipswitch WS_FTP Server 3.1.1

3.1.1

Progress Ipswitch WS_FTP Server 3.1.2

3.1.2

Progress Ipswitch WS_FTP Server 3.1.3

3.1.3

Progress Ipswitch WS_FTP Server 3.4

3.4

Progress Ipswitch WS_FTP Server 4.0

4.0

Progress Ipswitch WS_FTP Server 4.0.2

4.0.2

References

20040323 How to crash a harddisk - the Ipswitch WS_FTP Server way

11206

Exploit, Patch

1009529

Exploit

4542

9953