FTP: WS-FTP REST Command Large File Creation
This signature detects attempts to exploit a known vulnerability against WS-FTP. A successful attack can lead to arbitrary code execution within the context of the application.
Extended Description
Multiple vulnerabilities have been identified in the WS_FTP Server and client applications. These vulnerabilities may allow remote attackers to execute arbitrary code, cause denial of service attacks and gain administrative level access to a server. The issues include two remote buffer overflow vulnerabilities in the client, a denial of service vulnerability in the server and an access validation issue in the server leading to remote command execution with SYSTEM privileges. These issues are undergoing further analysis. This BID will be divided into separate issues as analysis is completed.
Affected Products
Ipswitch ws_ftp_server
Short Name
FTP:COMMAND:WS-FTP-REST
Severity
Major
Recommended
False
Recommended Action
Drop
Category
FTP
Keywords
CVE-2004-1885 Command Creation File Large REST WS-FTP bid:9953
Release Date
06/14/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3751
False Positive
Unknown
Vendors
Ipswitch
CVSS Score
7.2