Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Ws Ftp Security Vulnerabilities - May

cve
cve

CVE-2007-2213

Unspecified vulnerability in the Initialize function in NetscapeFTPHandler in WS_FTP Home and Professional 2007 allows remote attackers to cause a denial of service (NULL dereference and application crash) via unspecified vectors related to "improper arguments."

6.6AI Score

0.041EPSS

2007-04-24 08:19 PM
31
cve
cve

CVE-2007-3823

The Logging Server (Logsrv.exe) in IPSwitch WS_FTP 7.5.29.0 allows remote attackers to cause a denial of service (daemon crash) by sending a crafted packet containing a long string to port 5151/udp.

6.4AI Score

0.242EPSS

2007-07-17 01:30 AM
29
cve
cve

CVE-2007-4555

Cross-site scripting (XSS) vulnerability in Ipswitch WS_FTP allows remote attackers to inject arbitrary web script or HTML via arguments to a valid command, which is not properly handled when it is displayed by the view log option in the administration interface. NOTE: this can be leveraged to crea...

5.7AI Score

0.005EPSS

2007-08-28 12:17 AM
31
cve
cve

CVE-2008-0608

The Logging Server (ftplogsrv.exe) 7.9.14.0 and earlier in IPSwitch WS_FTP 6.1 allows remote attackers to cause a denial of service (loss of responsiveness) via a large number of large packets to port 5151/udp, which causes the listening socket to terminate and prevents log commands from being reco...

6.6AI Score

0.242EPSS

2008-02-06 12:00 PM
22
cve
cve

CVE-2008-5692

Ipswitch WS_FTP Server Manager before 6.1.1, and possibly other Ipswitch products, allows remote attackers to bypass authentication and read logs via a logLogout action to FTPLogServer/login.asp followed by a request to FTPLogServer/LogViewer.asp with the localhostnull account name.

6.7AI Score

0.007EPSS

2008-12-19 06:30 PM
37
cve
cve

CVE-2008-5693

Ipswitch WS_FTP Server Manager 6.1.0.0 and earlier, and possibly other Ipswitch products, might allow remote attackers to read the contents of custom ASP files in WSFTPSVR/ via a request with an appended dot character.

6.4AI Score

0.002EPSS

2008-12-19 06:30 PM
28
cve
cve

CVE-2009-4775

Format string vulnerability in Ipswitch WS_FTP Professional 12 before 12.2 allows remote attackers to cause a denial of service (crash) via format string specifiers in the status code portion of an HTTP response.

6.9AI Score

0.021EPSS

2010-04-21 02:30 PM
27
cve
cve

CVE-2017-16513

Ipswitch WS_FTP Professional before 12.6.0.3 has buffer overflows in the local search field and the backup locations field, aka WSCLT-1729.

7.8CVSS

7.5AI Score

0.003EPSS

2017-11-03 03:29 PM
54