CVE-2004-1884

CVE-2004-1884 affects Ipswitch WS_FTP Server 4.0.2. The vulnerability is a backdoor: the XXSESS_MGRYY user with a default password can enable remote access, enabling partial confidentiality/integrity/availability impact as indicated by CVSS base vector AV:N/AC:L/Au:N/C:P/I:P/A:P. Public reference...

CVE-1999-1078

The CVE applies to Ipswitch WS_FTP Pro (6.0) where passwords are stored with weak encryption in initialization files. This enables a remote attacker to decrypt stored passwords and potentially gain privileges. OpenVAS and Nessus entries corroborate weak stored password issues in WS_FTP Pro/Client...

CVE-2007-0665

CVE-2007-0665 affects Ipswitch WS_FTP 2007 Professional’s SCP module. The vulnerability is a format string flaw in the handling of filenames, related to the SHELL WS_FTP script command, which could allow remote attackers to execute arbitrary commands. The NVD entry lists a CVSSv2 base score of 6....

CVE-2008-3734

Ipswitch WS_FTP Client/Server products are affected by a CVE-2008-3734 format-string vulnerability. The flaw allows a remote FTP server to trigger a denial of service (application crash) and potentially execute arbitrary code via format string specifiers in the connection greeting/response. Affec...

CVE-2002-1851

Technical details (affected components, exact exploit vectors, and remediation) are not publicly provided in the connected documents. Monitor updates from Red Hat, CVE listings, and vendor advisories for confirmed information.

CVE-2007-0330

CVE-2007-0330 describes a buffer overflow in Ipswitch WS_FTP 2007 Professional, triggered by wsbho2k0.dll used by wsftpurl.exe. An attacker can craft a long ftp:// URL in HTML (and possibly other vectors) to cause application crash and may execute arbitrary code. The vulnerability affects WS_FTP ...