Page 4 of 20 results (0.012 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

A Directory Traversal issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FTP Server 2018 before 8.6.1. An attacker can supply a string using special patterns via the SCP protocol to disclose WS_FTP usernames as well as filenames. Fue descubierto un problema de cruce de directorios en SSHSeverAPI.dll en Progress Ipswitch WS_FTP Server 2018 anterior 8.6.1. un atacante puede suministrar una cadena usando patrones especiales mediante el protocolo SCP para revelar nombres de usuario así como nombres de archivos. • https://docs.ipswitch.com/WS_FTP_Server2018/ReleaseNotes/index.htm#49242.htm • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.0EPSS: 35%CPEs: 4EXPL: 0

Unspecified vulnerability in the log analyzer in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, prevents certain sensitive information from being displayed in the (1) Files and (2) Summary tabs. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue. Vulnerabilidad no especificada en el analizador de log en WS_FTP Server 5.05 anterior a Hotfix 1, y posiblemente versiones anteriores a la 5.0, previene que cierta información sensible sea mostrada en las pestañas (1) Files y (2) Summary. NOTA: en la publicación anterior de este identificador en 26/09/2006, la descripción fue usada para el asunto equivocado. • http://www.ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp •

CVSS: 6.5EPSS: 96%CPEs: 27EXPL: 2

Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands. Múltiples desbordamientos de búfer en Ipswitch WS_FTP Server 5.05 anterior al Hotfix 1 permiten a usuarios autenticados remotamente ejecutar código de su elección a través de comandos largos (1) XCRC, (2) XSHA1, o (3) XMD5. • https://www.exploit-db.com/exploits/16717 https://www.exploit-db.com/exploits/3335 http://ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp http://secunia.com/advisories/21932 http://www.osvdb.org/28939 http://www.securityfocus.com/bid/20076 http://www.vupen.com/english/advisories/2006/3655 https://exchange.xforce.ibmcloud.com/vulnerabilities/28983 •

CVSS: 5.0EPSS: 3%CPEs: 20EXPL: 3

Ipswitch WS_FTP Server 4.0.2 allows remote attackers to cause a denial of service (disk consumption) and bypass file size restrictions via a REST command with a large size argument, followed by a STOR of a smaller file. • http://marc.info/?l=bugtraq&m=108006717731989&w=2 http://secunia.com/advisories/11206 http://securitytracker.com/id?1009529 http://www.osvdb.org/4542 http://www.securityfocus.com/bid/9953 https://exchange.xforce.ibmcloud.com/vulnerabilities/15560 https://exchange.xforce.ibmcloud.com/vulnerabilities/41831 • CWE-399: Resource Management Errors •

CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 2

Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which allows remote attackers to gain access. • http://marc.info/?l=bugtraq&m=108006581418116&w=2 http://secunia.com/advisories/11206 http://www.securityfocus.com/bid/9953 https://exchange.xforce.ibmcloud.com/vulnerabilities/15558 •