Lucene search

[email protected]CVE-2004-1848

HistoryMay 10, 2005 - 4:00 a.m.

CVE-2004-1848

2005-05-1004:00:00

CWE-399

[email protected]

web.nvd.nist.gov

ipswitch

ws_ftp server

4.0.2

denial of service

disk consumption

file size restriction

rest command

stor command

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.058 Low

EPSS

Percentile

93.4%

JSON

Ipswitch WS_FTP Server 4.0.2 allows remote attackers to cause a denial of service (disk consumption) and bypass file size restrictions via a REST command with a large size argument, followed by a STOR of a smaller file.

Affected configurations

NVD

Node

ipswitchws_ftp_serverMatch3.0_1

ipswitchws_ftp_serverMatch4.01

progressws_ftp_serverMatch1.0.1

progressws_ftp_serverMatch1.0.2

progressws_ftp_serverMatch1.0.3

progressws_ftp_serverMatch1.0.4

progressws_ftp_serverMatch1.0.5

progressws_ftp_serverMatch2.0

progressws_ftp_serverMatch2.0.1

progressws_ftp_serverMatch2.0.2

progressws_ftp_serverMatch2.0.3

progressws_ftp_serverMatch2.0.4

progressws_ftp_serverMatch3.0

progressws_ftp_serverMatch3.1

progressws_ftp_serverMatch3.1.1

progressws_ftp_serverMatch3.1.2

progressws_ftp_serverMatch3.1.3

progressws_ftp_serverMatch3.4

progressws_ftp_serverMatch4.0

progressws_ftp_serverMatch4.0.2

CPENameOperatorVersion
ipswitch:ws_ftp_serveripswitch ws ftp servereq3.0_1
ipswitch:ws_ftp_serveripswitch ws ftp servereq4.01
progress:ws_ftp_serverprogress ws ftp servereq1.0.1
progress:ws_ftp_serverprogress ws ftp servereq1.0.2
progress:ws_ftp_serverprogress ws ftp servereq1.0.3
progress:ws_ftp_serverprogress ws ftp servereq1.0.4
progress:ws_ftp_serverprogress ws ftp servereq1.0.5
progress:ws_ftp_serverprogress ws ftp servereq2.0
progress:ws_ftp_serverprogress ws ftp servereq2.0.1
progress:ws_ftp_serverprogress ws ftp servereq2.0.2

CPE	Name	Operator	Version
ipswitch:ws_ftp_server	ipswitch ws ftp server	eq	3.0_1
ipswitch:ws_ftp_server	ipswitch ws ftp server	eq	4.01
progress:ws_ftp_server	progress ws ftp server	eq	1.0.1
progress:ws_ftp_server	progress ws ftp server	eq	1.0.2
progress:ws_ftp_server	progress ws ftp server	eq	1.0.3
progress:ws_ftp_server	progress ws ftp server	eq	1.0.4
progress:ws_ftp_server	progress ws ftp server	eq	1.0.5
progress:ws_ftp_server	progress ws ftp server	eq	2.0
progress:ws_ftp_server	progress ws ftp server	eq	2.0.1
progress:ws_ftp_server	progress ws ftp server	eq	2.0.2

Rows per page:

1-10 of 201

References

marc.info/?l=bugtraq&m=108006717731989&w=2

secunia.com/advisories/11206

securitytracker.com/id?1009529

www.osvdb.org/4542

www.securityfocus.com/bid/9953

exchange.xforce.ibmcloud.com/vulnerabilities/15560

exchange.xforce.ibmcloud.com/vulnerabilities/41831

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.058 Low

EPSS

Percentile

93.4%

JSON

Related for CVE-2004-1848

checkpoint_advisories1 cvelist1 nvd2 cve1 nessus1 openvas1