CVE-2006-5000

Severity

65%

Complexity

80%

Confidentiality

106%

Multiple buffer overflows in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, have unknown impact and remote authenticated attack vectors via the (1) XCRC, (2) XMD5, and (3) XSHA1 commands. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue.

Multiple buffer overflows in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, have unknown impact and remote authenticated attack vectors via the (1) XCRC, (2) XMD5, and (3) XSHA1 commands. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue.

CVSS 2.0 Base Score 6.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P).

Overview

First reported 18 years ago

2006-09-26 20:07:00

Last updated 5 years ago

2019-08-13 14:39:00

Affected Software

Progress Ipswitch WS_FTP Server 5.0.2

5.0.2

References

1016935

http://www.ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp

Patch

20060926 ZDI-06-029: Ipswitch WS_FTP Server Checksum Command Parsing Buffer Overflow Vulnerabilities

http://www.zerodayinitiative.com/advisories/ZDI-06-029.html

Vendor Advisory

wsftp-multiple-commands-bo(41829)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.