FTP: WS_FTP Server Command Buffer Overflow
This signature detects buffer overflow attempts against WS_FTP. Because WS_FTP does not perform sufficient bounds checking on network data before copying the data into process buffers, attackers may remotely execute arbitrary code on the server with the privileges of the user that activated WS_FTP.
Extended Description
Ipswitch WS_FTP Server is reported to be prone to buffer overruns when handling data supplied to the APPE and STAT FTP commands. An FTP user who supplies excessive input to these commands could potentially execute arbitrary code in the context of the server or cause a denial of service.
Affected Products
Ipswitch ws_ftp_server
Short Name
FTP:COMMAND:WS_FTP-CMD-BO
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
FTP
Keywords
Buffer CVE-2003-0772 Command Overflow Server WS_FTP bid:38262 bid:8542
Release Date
06/02/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Ipswitch
CVSS Score
7.5