Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:02796E0C87413061E91FA827818F967E
HistoryMar 10, 2006 - 12:00 a.m.

WS_FTP MKD command buffer overflow

2006-03-1000:00:00
SAINT Corporation
www.saintcorporation.com
10

0.135 Low

EPSS

Percentile

95.0%

JSON

Added: 03/10/2006
CVE: CVE-2004-1135
BID: 11772
OSVDB: 12509

Background

WS_FTP Server is an FTP server for Windows platforms.

Problem

A buffer overflow vulnerability in the **MKD** command could allow an attacker to execute commands on the server. If the anonymous FTP account is enabled, the attacker would not need to know a valid login and password in order to exploit the vulnerability.

Resolution

Upgrade to WS_FTP Server 5.04 or higher.

References

<http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1330.html&gt;

Limitations

Exploit works on WS_FTP Server 5.03 and requires a valid FTP user name and password.

Platforms

Windows

Related

saint 3
cve 1
checkpoint_advisories 1
nessus 1
packetstorm 1
securityvulns 1
saint
saint
WS_FTP MKD command buffer overflow
2006-03-10 00:00:00
WS_FTP MKD command buffer overflow
2006-03-10 00:00:00
WS_FTP MKD command buffer overflow
2006-03-10 00:00:00
cve
cve
CVE-2004-1135
2005-01-10 05:00:00
checkpoint_advisories
checkpoint_advisories
Ipswitch WS_FTP Server Commands Buffer Overflow Denial of Service (CVE-2004-1135)
2009-11-30 00:00:00
nessus
nessus
WS_FTP Server Multiple Command Remote Overflow DoS
2004-11-30 00:00:00
packetstorm
packetstorm
WS-FTP Server 5.03 MKD Overflow
2009-11-26 00:00:00
securityvulns
securityvulns
[Full-Disclosure] Multiple vulnerabilities in w3who ISAPI DLL
2004-12-06 00:00:00

0.135 Low

EPSS

Percentile

95.0%

JSON
Related for SAINT:02796E0C87413061E91FA827818F967E
saint3cve1checkpoint_advisories1nessus1packetstorm1securityvulns1