WS_FTP < 3.1.2 SITE CPWD Buffer Overflow

High Nessus Network Monitor Plugin ID 1832

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

This host is running a version of WS_FTP FTP server prior to 3.1.2. Versions earlier than 3.1.2 contain an unchecked buffer in routines that handle the 'CPWD' command arguments. The 'CPWD' command allows remote users to change their password. By issuing a malformed argument to the CPWD command, a user could overflow a buffer and execute arbitrary code on this host. Note that a local user account is required.

Solution

Upgrade to version 3.1.2 or higher.

See Also

http://www.ipswitch.com/support

Plugin Details

Severity: High

ID: 1832

File Name: 1832.prm

Family: FTP Servers

Published: 2004/08/20

Modified: 2016/01/15

Dependencies: 1803, 1804, 3222

Nessus ID: 11098

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 7.3

Temporal Score: 6.4

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Reference Information

CVE: CVE-2002-0826

BID: 5427