Ipswitch WS_FTP Server Message Response Buffer Overflow Vulnerability

Bugtraq ID:	30728
Class:	Boundary Condition Error
CVE:	CVE-2008-3795
Remote:	Yes
Local:	No
Published:	Aug 18 2008 12:00AM
Updated:	May 07 2015 05:24PM
Credit:	securfrog
Vulnerable:	Ipswitch WS_FTP Pro 8.0 3 Ipswitch WS_FTP Pro 8.0 2 Ipswitch WS_FTP Pro 7.5 Ipswitch WS_FTP Pro 6.0 - Microsoft Windows 3.1 - Microsoft Windows 2000 Professional - Microsoft Windows 95 - Microsoft Windows 98 - Microsoft Windows NT 4.0 Ipswitch WS_FTP Pro 5 Ipswitch WS_FTP Pro 0 Ipswitch WS_FTP Home 0
Not Vulnerable:

Ipswitch WS_FTP Server Message Response Buffer Overflow Vulnerability

Ipswitch WS_FTP is prone to a remote buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker may exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

Ipswitch WS_FTP Server Message Response Buffer Overflow Vulnerability

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Ipswitch WS_FTP Server Message Response Buffer Overflow Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Ipswitch WS_FTP Server Message Response Buffer Overflow Vulnerability

References:

• WS FTP Homepage (IpSwitch)