Info

Disclosure

Sep 14, 2006

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

A remote overflow exists in WS_FTP Server. The product fails to perform correct boundary checks user input with the XCRC, XMD5, and XSHA1 commands resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Public, Exploit Commercial
Disclosure: OSVDB Verified, Vendor Verified

Solution

Upgrade to version 5.05 Hotfix 1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Ipswitch, Inc.

WS_FTP Server

5.05

References

VUPEN Advisory: 2006 ADV-2006-3655
CVE ID: 2006-4847 (see also: NVD)
Bugtraq ID: 20076
Secunia Advisory ID: 21932
Metasploit ID: 28939
ISS X-Force ID: 28983
Vendor Specific News/Changelog Entry: http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp
Generic Exploit URL: http://www.saintcorporation.com/cgi-bin/exploit_info/ws_ftp_xcrc

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/28939