Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:15885
HistoryJan 28, 2007 - 12:00 a.m.

WS_FTP 2007 Professional SCP handling format string vulnerability

2007-01-2800:00:00
vulners.com
10
JSON

Synopsis: WS_FTP 2007 Professional SCP handling format string vulnerability
Product: WS_FTP 2007 Professional
Vendor: Ipswitch

I. Background

"[…]Transfer files anywhere, anytime, with complete security.

* Lightning fast transfer speeds
* Industry leading security
* Time saving features include schedule, backup, and email

notifications[…]"

II. Problem Description
Remote code execution is possible.

III. Details
SCP handling module is vulnerable to format string vulnerability.
Opening a specially crafted SCP file with WS_FTP 2007 script handler
might lead to arbitrary code execution. The specially crafted file
uses the WS_FTP script command "SHELL" and executes the file with
the specially crafted name. The file is access using "file://".

Kind regards,

Michal Bucko (sapheal)

JSON