Added: 03/10/2006
CVE: CVE-2004-1135
BID: 11772
OSVDB: 12509
WS_FTP Server is an FTP server for Windows platforms.
A buffer overflow vulnerability in the **MKD**
command could allow an attacker to execute commands on the server. If the anonymous FTP account is enabled, the attacker would not need to know a valid login and password in order to exploit the vulnerability.
Upgrade to WS_FTP Server 5.04 or higher.
<http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1330.html>
Exploit works on WS_FTP Server 5.03 and requires a valid FTP user name and password.
Windows