Short Name |
FTP:EXPLOIT:WSFTP-FMT-STR |
---|---|
Severity |
Minor |
Recommended |
No |
Recommended Action |
Drop |
Category |
FTP |
Keywords |
Ipswitch WS_FTP Client Format String Vulnerability |
Release Date |
2011/07/26 |
Update Number |
1961 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against Ipswitch WS_FTP client FTP product. A successful attack can allow remote code execution.
Ipswitch WS_FTP client is prone to a format-string vulnerability it fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. An attacker may exploit this issue to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will likely result in a denial-of-service condition. This issue affects the WS_FTP Home and WS_FTP Professional clients.