CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 3CVE-2017-16513 – Ipswitch WS_FTP Professional < 12.6.0.3 - Local Buffer Overflow (SEH)
https://notcve.org/view.php?id=CVE-2017-16513
03 Nov 2017 — Ipswitch WS_FTP Professional before 12.6.0.3 has buffer overflows in the local search field and the backup locations field, aka WSCLT-1729. Ipswitch WS_FTP Professional en versiones anteriores a la 12.6.0.3 incluye desbordamientos de búfer en el campo de búsqueda local y el campo de localizaciones de copias de seguridad. Esto también se conoce como WSCLT-1729. • https://packetstorm.news/files/id/144909 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 13%CPEs: 4EXPL: 4CVE-2009-4775 – Ipswitch WS_FTP 12 Professional - Remote Format String (PoC)
https://notcve.org/view.php?id=CVE-2009-4775
21 Apr 2010 — Format string vulnerability in Ipswitch WS_FTP Professional 12 before 12.2 allows remote attackers to cause a denial of service (crash) via format string specifiers in the status code portion of an HTTP response. Vulnerabilidad de formato de cadena en Ipswitch WS_FTP Professional v12 anterior a v12.2, permite a atacantes remotos provocar una denegación de servicio (caída) a través de especificadores de formato de cadena en el "status code" de una respuesta HTTP. • https://www.exploit-db.com/exploits/9607 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 9.8EPSS: 1%CPEs: 22EXPL: 1CVE-2008-5692 – Ipswitch WS_FTP Server 6 - '/WSFTPSVR/FTPLogServer/LogViewer.asp' Authentication Bypass
https://notcve.org/view.php?id=CVE-2008-5692
19 Dec 2008 — Ipswitch WS_FTP Server Manager before 6.1.1, and possibly other Ipswitch products, allows remote attackers to bypass authentication and read logs via a logLogout action to FTPLogServer/login.asp followed by a request to FTPLogServer/LogViewer.asp with the localhostnull account name. Ipswitch WS_FTP Server Manager anterior a la version 6.1.1, y posiblemente otros productos de Ipswitch, permite a atacantes remotos eludir la autenticación y leer los logs a través de una acción logLogout a FTPLogServer/login.as... • https://www.exploit-db.com/exploits/31117 • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2008-5693
https://notcve.org/view.php?id=CVE-2008-5693
19 Dec 2008 — Ipswitch WS_FTP Server Manager 6.1.0.0 and earlier, and possibly other Ipswitch products, might allow remote attackers to read the contents of custom ASP files in WSFTPSVR/ via a request with an appended dot character. Ipswitch WS_FTP Server Manager 6.1.0.0 y anteriores, y posiblemente otros productos de Ipswitch, podría permitir a atacantes remotos leer el contenido de ficheros ASP en WSFTPSVR/ a través de una solicitud con un carácter punto al final. • http://aluigi.altervista.org/adv/wsftpweblog-adv.txt • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2008-0608
https://notcve.org/view.php?id=CVE-2008-0608
06 Feb 2008 — The Logging Server (ftplogsrv.exe) 7.9.14.0 and earlier in IPSwitch WS_FTP 6.1 allows remote attackers to cause a denial of service (loss of responsiveness) via a large number of large packets to port 5151/udp, which causes the listening socket to terminate and prevents log commands from being recorded, a different vulnerability than CVE-2007-3823. El Logging Server (ftplogsrv.exe) 7.9.14.0 y versiones anteriores en IPSwitch WS_FTP 6.1. Permite a atacantes remotos provocar una denegación de servicio (pérdid... • http://aluigi.altervista.org/adv/ftplogsrvz-adv.txt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 2%CPEs: 1EXPL: 0CVE-2007-3823
https://notcve.org/view.php?id=CVE-2007-3823
17 Jul 2007 — The Logging Server (Logsrv.exe) in IPSwitch WS_FTP 7.5.29.0 allows remote attackers to cause a denial of service (daemon crash) by sending a crafted packet containing a long string to port 5151/udp. The Logging Server (Logsrv.exe) en IPSwitch WS_FTP 7.5.29.0 permite a atacantes remotos provocar una denegación de servicio (caída del demonio) enviando un paquete artesanal que contiene una cadena larga al puerto 5151/udp. • http://packetstormsecurity.org/0707-advisories/wsftp75290-dos.txt •