Ipswitch WS_FTP 2007 Professional WSFTPURL.EXE Local Memory Corruption Vulnerability
BID:22062
Info
Ipswitch WS_FTP 2007 Professional WSFTPURL.EXE Local Memory Corruption Vulnerability
| Bugtraq ID: | 22062 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Jan 15 2007 12:00AM |
| Updated: | Jan 16 2007 06:00PM |
| Credit: | Michal Bucko is credited with the discovery of this vulnerability. |
| Vulnerable: |
Ipswitch WS FTP Server Professional 2007 |
| Not Vulnerable: | |
Discussion
Ipswitch WS_FTP 2007 Professional WSFTPURL.EXE Local Memory Corruption Vulnerability
Ipswitch WS_FTP 2007 Professional is prone to a local memory-corruption vulnerability. This issue occurs when the 'wsbho2k0.dll' library fails to handle specially crafted arguments.
Due to the nature of this issue, an attacker may be able to execute arbitrary machine code in the context of the affected kernel, but this has not been confirmed. Failed exploit attempts result in kernel panics, denying service to legitimate users.
Ipswitch WS_FTP 2007 Professional is vulnerable to this issue; other versions may also be affected.
Ipswitch WS_FTP 2007 Professional is prone to a local memory-corruption vulnerability. This issue occurs when the 'wsbho2k0.dll' library fails to handle specially crafted arguments.
Due to the nature of this issue, an attacker may be able to execute arbitrary machine code in the context of the affected kernel, but this has not been confirmed. Failed exploit attempts result in kernel panics, denying service to legitimate users.
Ipswitch WS_FTP 2007 Professional is vulnerable to this issue; other versions may also be affected.
Exploit / POC
Ipswitch WS_FTP 2007 Professional WSFTPURL.EXE Local Memory Corruption Vulnerability
Currently we are not aware of any exploits for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Currently we are not aware of any exploits for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Solution / Fix
Ipswitch WS_FTP 2007 Professional WSFTPURL.EXE Local Memory Corruption Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
References
Ipswitch WS_FTP 2007 Professional WSFTPURL.EXE Local Memory Corruption Vulnerability
References:
References: