Signature Detail
Short Name |
FTP:WS-FTP:CPWD |
|---|---|
Severity |
Medium |
Recommended |
No |
Category |
FTP |
Keywords |
WS FTP Server "SITE CPWD" Buffer Overflow |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
FTP: WS FTP Server "SITE CPWD" Buffer Overflow
This signature detects attempts to exploit a known vulnerability against WS FTP Server. The code that handles arguments to the SITE CPWD command, which allows users to change their password, contains an unchecked string copy. Attackers can send a maliciously crafted argument in the SITE CPWD command to overflow the buffer and overwrite the return address.
Extended Description
Ipswitch WS_FTP Server, is a FTP server for Microsoft Windows platforms. Ipswitch WS FTP Server contains a remote buffer overflow vulnerability related to the CPWD command, used to modify an authenticated user's password. Oversized parameters may corrupt process memory, possibly leading to the execution of arbitrary code as the server process. This issue has been reported in WS_FTP Server 3.1.1. Earlier versions may share this vulnerability, this has not however been confirmed.
Affected Products
- Ipswitch WS FTP Server 3.1.1
References
- BugTraq: 5427
- CVE: CVE-2002-0826
- URL: http://www.ipswitch.com/Support/WS_FTP-Server/patch-upgrades.html