5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.115 Low
EPSS
Percentile
95.1%
Added: 03/10/2006
CVE: CVE-2004-1135
BID: 11772
OSVDB: 12509
WS_FTP Server is an FTP server for Windows platforms.
A buffer overflow vulnerability in the **MKD**
command could allow an attacker to execute commands on the server. If the anonymous FTP account is enabled, the attacker would not need to know a valid login and password in order to exploit the vulnerability.
Upgrade to WS_FTP Server 5.04 or higher.
<http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1330.html>
Exploit works on WS_FTP Server 5.03 and requires a valid FTP user name and password.
Windows