Intrusion Prevention

Ipswitch.WsFtp.Buffer.Overflow

Description

It indicates a possible attempt of a Buffer Overflow attack against a WS_FTP Server. Multiple vulnerabilities exist in Ipswitch WS_FTP Server 4.0.2 which could lead to the execution of arbitrary code. A remote authenticated user could cause a large error string to be the ALLO handler or FTP administrators could cause a long hostname or username to be inserted into a reply to a STAT command while a file is being transferred.

Affected Products

WS_FTP Server 4.x and earlier versions.

Impact

Compromise of the affected system.

Recommended Actions

Apply appropriate patch from the vendor or Upgrade to non-vulnerable version if available.

CVE References

CVE-2004-1883

Other References

1