6.5

CVE-2006-4847

Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IpswitchWs Ftp Server Version1.0.1eval
IpswitchWs Ftp Server Version1.0.2eval
IpswitchWs Ftp Server Version3.0_1
IpswitchWs Ftp Server Version4.01
IpswitchWs Ftp Server Version5.02
IpswitchWs Ftp Server Version5.03
ProgressWs Ftp Server Version <= 5.05
ProgressWs Ftp Server Version1.0.1
ProgressWs Ftp Server Version1.0.1.e
ProgressWs Ftp Server Version1.0.2
ProgressWs Ftp Server Version1.0.2.e
ProgressWs Ftp Server Version1.0.3
ProgressWs Ftp Server Version1.0.4
ProgressWs Ftp Server Version1.0.5
ProgressWs Ftp Server Version2.0
ProgressWs Ftp Server Version2.0.1
ProgressWs Ftp Server Version2.0.2
ProgressWs Ftp Server Version2.0.3
ProgressWs Ftp Server Version2.0.4
ProgressWs Ftp Server Version3.0
ProgressWs Ftp Server Version3.1
ProgressWs Ftp Server Version3.1.1
ProgressWs Ftp Server Version3.1.2
ProgressWs Ftp Server Version3.1.3
ProgressWs Ftp Server Version3.4
ProgressWs Ftp Server Version4.0
ProgressWs Ftp Server Version4.0.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 85.21% 0.997
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.5 8 6.4
AV:N/AC:L/Au:S/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp
Patch
http://secunia.com/advisories/21932
Patch
Vendor Advisory
http://www.osvdb.org/28939
http://www.securityfocus.com/bid/20076
http://www.vupen.com/english/advisories/2006/3655
https://exchange.xforce.ibmcloud.com/vulnerabilities/28983