ISS X-Force Database: wsftp-response-format-string(44512): Ipswitch WS

Ipswitch WS_FTP server response format string

wsftp-response-format-string (44512)

High Risk

Description:

Ipswitch WS_FTP could allow a remote attacker to execute arbitrary code on the system, caused by a format string vulnerability when handling certain server responses. By persuading a victim to connect to a server posing as an FTP server, an attacker could exploit this vulnerability using a specially-crafted string containing malicious format string specifiers in a server response to execute arbitrary code on the vulnerable system or cause the application to crash.

Platforms Affected:

Ipswitch, WS_FTP 2007 Home
Ipswitch, WS_FTP 2007 Professional
Ipswitch, WS_FTP Pro 5.0
Ipswitch, WS_FTP Pro 6.0
Ipswitch, WS_FTP Pro 7.5
Ipswitch, WS_FTP Pro 8.0 2
Ipswitch, WS_FTP Pro 8.0 3

Remedy:

For WS_FTP Professional 2007.1 (English):
Apply the Hotfix available from the Ipswitch Web site. See References.

For WS_FTP Home 2007 (English):
Apply the Hotfix available from the Ipswitch Web site. See References.

Consequences:

Gain Access

References:

Ipswitch Web site, Ipswitch at http://www.ipswitch.com/.
Ipswitch Web site, WS_FTP Home 2007 Hotfix 1 at http://www.ipswitch.com/support/ws_ftp/home/releases/wsh2007hf1.asp.
Ipswitch Web site, WS_FTP Professional 2007.1 Hotfix 1 at http://www.ipswitch.com/support/ws_ftp/releases/wsp20071hf1.asp.
BID-30720: Ipswitch WS_FTP Client Format String Vulnerability
CVE-2008-3734: Format string vulnerability in Ipswitch WS_FTP Home 2007.0.0.2 and WS_FTP Professional 2007.1.0.0 allows remote FTP servers to cause a denial of service (application crash) or possibly execute arbitrary code via format string specifiers in a connection greeting (response).
SA31504: WS_FTP Home / Professional Format String Vulnerability
SECTRACK ID: 1020713: WS_FTP Home Format String Bug Lets Remote Users Execute Arbitrary Code
SECTRACK ID: 1020714: WS_FTP Pro Format String Bug Lets Remote Users Execute Arbitrary Code

Reported:

Aug 17, 2008

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page