Lucene search

[email protected]CVE-2006-4847

HistorySep 19, 2006 - 1:07 a.m.

CVE-2006-4847

2006-09-1901:07:00

[email protected]

web.nvd.nist.gov

cve-2006-4847

buffer overflows

ipswitch ws_ftp server

remote code execution

nvd

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.3 High

AI Score

Confidence

Low

0.969 High

EPSS

Percentile

99.7%

JSON

Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands.

Affected configurations

NVD

Node

ipswitchws_ftp_serverMatch1.0.1eval

ipswitchws_ftp_serverMatch1.0.2eval

ipswitchws_ftp_serverMatch3.0_1

ipswitchws_ftp_serverMatch4.01

ipswitchws_ftp_serverMatch5.02

ipswitchws_ftp_serverMatch5.03

progressws_ftp_serverRange≤5.05

progressws_ftp_serverMatch1.0.1

progressws_ftp_serverMatch1.0.1.e

progressws_ftp_serverMatch1.0.2

progressws_ftp_serverMatch1.0.2.e

progressws_ftp_serverMatch1.0.3

progressws_ftp_serverMatch1.0.4

progressws_ftp_serverMatch1.0.5

progressws_ftp_serverMatch2.0

progressws_ftp_serverMatch2.0.1

progressws_ftp_serverMatch2.0.2

progressws_ftp_serverMatch2.0.3

progressws_ftp_serverMatch2.0.4

progressws_ftp_serverMatch3.0

progressws_ftp_serverMatch3.1

progressws_ftp_serverMatch3.1.1

progressws_ftp_serverMatch3.1.2

progressws_ftp_serverMatch3.1.3

progressws_ftp_serverMatch3.4

progressws_ftp_serverMatch4.0

progressws_ftp_serverMatch4.0.2

CPENameOperatorVersion
ipswitch:ws_ftp_serveripswitch ws ftp servereq1.0.1eval
ipswitch:ws_ftp_serveripswitch ws ftp servereq1.0.2eval
ipswitch:ws_ftp_serveripswitch ws ftp servereq3.0_1
ipswitch:ws_ftp_serveripswitch ws ftp servereq4.01
ipswitch:ws_ftp_serveripswitch ws ftp servereq5.02
ipswitch:ws_ftp_serveripswitch ws ftp servereq5.03
progress:ws_ftp_serverprogress ws ftp serverle5.05
progress:ws_ftp_serverprogress ws ftp servereq1.0.1
progress:ws_ftp_serverprogress ws ftp servereq1.0.1.e
progress:ws_ftp_serverprogress ws ftp servereq1.0.2

CPE	Name	Operator	Version
ipswitch:ws_ftp_server	ipswitch ws ftp server	eq	1.0.1eval
ipswitch:ws_ftp_server	ipswitch ws ftp server	eq	1.0.2eval
ipswitch:ws_ftp_server	ipswitch ws ftp server	eq	3.0_1
ipswitch:ws_ftp_server	ipswitch ws ftp server	eq	4.01
ipswitch:ws_ftp_server	ipswitch ws ftp server	eq	5.02
ipswitch:ws_ftp_server	ipswitch ws ftp server	eq	5.03
progress:ws_ftp_server	progress ws ftp server	le	5.05
progress:ws_ftp_server	progress ws ftp server	eq	1.0.1
progress:ws_ftp_server	progress ws ftp server	eq	1.0.1.e
progress:ws_ftp_server	progress ws ftp server	eq	1.0.2

Rows per page:

1-10 of 271

References

ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp

secunia.com/advisories/21932

www.osvdb.org/28939

www.securityfocus.com/bid/20076

www.vupen.com/english/advisories/2006/3655

exchange.xforce.ibmcloud.com/vulnerabilities/28983

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

7.3 High

AI Score

Confidence

Low

0.969 High

EPSS

Percentile

99.7%

JSON

Related for CVE-2006-4847

saint4 nvd1 packetstorm1 checkpoint_advisories1 cvelist1