cbcvebase.

Ipswitch Ws Ftp Pro vulnerabilities

6 known vulnerabilities affecting ipswitch/ws_ftp_pro.

Total CVEs
6
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH4MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2008-3734P3CRITICALCVSS 9.3PoCv2007.1.0.02008-08-20
CVE-2008-3734 [CRITICAL] CWE-134 CVE-2008-3734: Format string vulnerability in Ipswitch WS_FTP Home 2007.0.0.2 and WS_FTP Professional 2007.1.0.0 al Format string vulnerability in Ipswitch WS_FTP Home 2007.0.0.2 and WS_FTP Professional 2007.1.0.0 allows remote FTP servers to cause a denial of service (application crash) or possibly execute arbitrary code via format string specifiers in a connection greeting (response).
nvd
CVE-2004-1884P3HIGHCVSS 7.5v6.0v7.5+2 more2004-03-23
CVE-2004-1884 [HIGH] CVE-2004-1884: Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which all Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which allows remote attackers to gain access.
nvd
CVE-2007-0665P3MEDIUMCVSS 6.8v20072007-02-02
CVE-2007-0665 [MEDIUM] CVE-2007-0665: Format string vulnerability in the SCP module in Ipswitch WS_FTP 2007 Professional might allow remot Format string vulnerability in the SCP module in Ipswitch WS_FTP 2007 Professional might allow remote attackers to execute arbitrary commands via format string specifiers in the filename, related to the SHELL WS_FTP script command.
nvd
CVE-2007-0330P4HIGHCVSS 7.5v20072007-01-18
CVE-2007-0330 [HIGH] CVE-2007-0330: Buffer overflow in wsbho2k0.dll, as used by wsftpurl.exe, in Ipswitch WS_FTP 2007 Professional allow Buffer overflow in wsbho2k0.dll, as used by wsftpurl.exe, in Ipswitch WS_FTP 2007 Professional allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long ftp:// URL in an HTML document, and possibly other vectors.
nvd
CVE-1999-1078P4HIGHCVSS 7.5v6.01999-07-29
CVE-1999-1078 [HIGH] CVE-1999-1078: WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote a WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges.
nvd
CVE-2002-1851P4HIGHCVSS 7.5v7.52002-12-31
CVE-2002-1851 [HIGH] CVE-2002-1851: Buffer overflow in WS_FTP Pro 7.5 allows remote attackers to execute code on a client system via unk Buffer overflow in WS_FTP Pro 7.5 allows remote attackers to execute code on a client system via unknown attack vectors.
nvd
Ipswitch Ws Ftp Pro vulnerabilities | cvebase