CVE-2006-4847

Severity

65%

Complexity

80%

Confidentiality

106%

This vulnerability is addressed in the following product update: Ipswitch, WS_FTP Server, 5.05 Hotfix 1

Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands.

This vulnerability is addressed in the following product update: Ipswitch, WS_FTP Server, 5.05 Hotfix 1

CVSS 2.0 Base Score 6.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P).

Overview

Type

Progress Ipswitch WS_FTP Server

First reported 18 years ago

2006-09-19 01:07:00

Last updated 5 years ago

2019-08-13 14:40:00

Affected Software

Progress Ipswitch WS_FTP Server 1.0.1

1.0.1

Progress Ipswitch WS_FTP Server 1.0.1.e

1.0.1.e

Progress Ipswitch WS_FTP Server 1.0.2

1.0.2

Progress Ipswitch WS_FTP Server 1.0.2.e

1.0.2.e

Progress Ipswitch WS_FTP Server 1.0.3

1.0.3

Progress Ipswitch WS_FTP Server 1.0.4

1.0.4

Progress Ipswitch WS_FTP Server 1.0.5

1.0.5

Progress Ipswitch WS_FTP Server 2.0

2.0

Progress Ipswitch WS_FTP Server 2.0.1

2.0.1

Progress Ipswitch WS_FTP Server 2.0.2

2.0.2

Progress Ipswitch WS_FTP Server 2.0.3

2.0.3

Progress Ipswitch WS_FTP Server 2.0.4

2.0.4

Progress Ipswitch WS_FTP Server 3.0

3.0

Progress Ipswitch WS_FTP Server 3.1

3.1

Progress Ipswitch WS_FTP Server 3.1.1

3.1.1

Progress Ipswitch WS_FTP Server 3.1.2

3.1.2

Progress Ipswitch WS_FTP Server 3.1.3

3.1.3

Progress Ipswitch WS_FTP Server 3.4

3.4

Progress Ipswitch WS_FTP Server 4.0

4.0

Progress Ipswitch WS_FTP Server 4.0.2

4.0.2

References

http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp

Patch

21932

Patch, Vendor Advisory

28939

20076

ADV-2006-3655

wsftp-xcrc-xsha1-xmd5-bo(28983)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.