CVSS: 7.2EPSS: 1%CPEs: 1EXPL: 1CVE-2004-1883 – Ipswitch WS_FTP Server 4.0.2 - ALLO Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-1883
Multiple buffer overflows in Ipswitch WS_FTP Server 4.0.2 (1) allow remote authenticated users to execute arbitrary code by causing a large error string to be generated by the ALLO handler, or (2) may allow remote FTP administrators to execute arbitrary code by causing a long hostname or username to be inserted into a reply to a STAT command while a file is being transferred. • https://www.exploit-db.com/exploits/165 http://marc.info/?l=bugtraq&m=108006553222397&w=2 http://secunia.com/advisories/11206 http://www.securityfocus.com/archive/1/358361 http://www.securityfocus.com/bid/9953 https://exchange.xforce.ibmcloud.com/vulnerabilities/15561 •
CVSS: 7.2EPSS: 38%CPEs: 1EXPL: 2CVE-2004-1885
https://notcve.org/view.php?id=CVE-2004-1885
Ipswitch WS_FTP Server 4.0.2 allows remote authenticated users to execute arbitrary programs as SYSTEM by using the SITE command to modify certain iFtpSvc options that are handled by iftpmgr.exe. • http://marc.info/?l=bugtraq&m=108006581418116&w=2 http://secunia.com/advisories/11206 http://www.securityfocus.com/bid/9953 https://exchange.xforce.ibmcloud.com/vulnerabilities/15558 •
CVSS: 5.0EPSS: 5%CPEs: 20EXPL: 3CVE-2004-1848
https://notcve.org/view.php?id=CVE-2004-1848
Ipswitch WS_FTP Server 4.0.2 allows remote attackers to cause a denial of service (disk consumption) and bypass file size restrictions via a REST command with a large size argument, followed by a STOR of a smaller file. • http://marc.info/?l=bugtraq&m=108006717731989&w=2 http://secunia.com/advisories/11206 http://securitytracker.com/id?1009529 http://www.osvdb.org/4542 http://www.securityfocus.com/bid/9953 https://exchange.xforce.ibmcloud.com/vulnerabilities/15560 https://exchange.xforce.ibmcloud.com/vulnerabilities/41831 • CWE-399: Resource Management Errors •
CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 1CVE-2004-1643 – Ipswitch WS_FTP Server 5.0.x - CD Command Malformed File Path Remote Denial of Service
https://notcve.org/view.php?id=CVE-2004-1643
WS_FTP 5.0.2 allows remote authenticated users to cause a denial of service (CPU consumption) via a CD command that contains an invalid path with a "../" sequence. • https://www.exploit-db.com/exploits/24416 http://marc.info/?l=bugtraq&m=109389890712888&w=2 http://secunia.com/advisories/12406 http://www.securityfocus.com/bid/11065 https://exchange.xforce.ibmcloud.com/vulnerabilities/17155 •
CVSS: 7.5EPSS: 1%CPEs: 24EXPL: 2CVE-2004-1884
https://notcve.org/view.php?id=CVE-2004-1884
Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which allows remote attackers to gain access. • http://marc.info/?l=bugtraq&m=108006581418116&w=2 http://secunia.com/advisories/11206 http://www.securityfocus.com/bid/9953 https://exchange.xforce.ibmcloud.com/vulnerabilities/15558 •