CVE-2006-5000

2006-09-2620:07:00

[email protected]

web.nvd.nist.gov

ws_ftp server

buffer overflow

remote attack

authenticated

cve-2006-5000

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

Low

0.966 High

EPSS

Percentile

99.6%

JSON

Multiple buffer overflows in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, have unknown impact and remote authenticated attack vectors via the (1) XCRC, (2) XMD5, and (3) XSHA1 commands. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue.

Affected configurations

NVD

Node

ipswitchws_ftp_serverMatch5.02

ipswitchws_ftp_serverMatch5.03

ipswitchws_ftp_serverMatch5.05

progressws_ftp_serverMatch5.0.2

CPENameOperatorVersion
ipswitch:ws_ftp_serveripswitch ws ftp servereq5.02
ipswitch:ws_ftp_serveripswitch ws ftp servereq5.03
ipswitch:ws_ftp_serveripswitch ws ftp servereq5.05
progress:ws_ftp_serverprogress ws ftp servereq5.0.2

CPE	Name	Operator	Version
ipswitch:ws_ftp_server	ipswitch ws ftp server	eq	5.02
ipswitch:ws_ftp_server	ipswitch ws ftp server	eq	5.03
ipswitch:ws_ftp_server	ipswitch ws ftp server	eq	5.05
progress:ws_ftp_server	progress ws ftp server	eq	5.0.2