FTP.Client.Format.String
Description
This indicates an attack attempt against a format string vulnerability in the Ipswitch WS_FTP client FTP product. The vulnerability is caused by an input validation when the vulnerable software processes a message from a remote FTP server. It allows a remote attacker to execute arbitrary code.
Affected Products
Ipswitch WS_FTP Pro 8.0 3
Ipswitch WS_FTP Pro 8.0 2
Ipswitch WS_FTP Pro 7.5
Ipswitch WS_FTP Pro 6.0
Ipswitch WS_FTP Pro 5
Ipswitch WS_FTP Pro 0
Ipswitch WS_FTP Home 0
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply patch, available from the web site:
WS_FTP Professional 2007.1 Hotfix 1 (full English version only):
WS_FTP Home 2007 Hotfix 1 for version 2007.0.0.2 (full English version only):
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |