Ipswitch WS FTP Client Format String Vulnerability Network Vulnerability

Summary

This host is running WS FTP Client, which is prone to Format String Vulnerability.

Impact

Successful exploitation will allow execution of arbitrary code on the vulnerable system or cause the application to crash by tricking a user into connecting to a malicious ftp server. Impact Level : Application

Solution

Upgrade to Ipswitch WS FTP Home/Professional version 12 or later, For updates refer to http://www.ipswitchft.com/products/

Insight

Issue is due to a format string error when processing responses of the FTP server.

Affected

Ipswitch WS FTP Home/Professional 2007 and prior versions.

References

http://secunia.com/advisories/31504/
http://xforce.iss.net/xforce/xfdb/44512

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-3734
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Easy RM to MP3 Converter Buffer Overflow Vulnerability
Apple iTunes Malformed .mov File Buffer Overflow Vulnerability
Apple Safari Multiple Vulnerabilities June-09 (Win) - II
Apache APR-Utils XML Parser Denial of Service Vulnerability
3com switch2hub

Take action and discover your vulnerabilities