Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1885

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2004-1885
Last Modified 05 Sep 2008 04:42:36
Published 31 Dec 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-1885

Summary

Ipswitch WS_FTP Server 4.0.2 allows remote authenticated users to execute arbitrary programs as SYSTEM by using the SITE command to modify certain iFtpSvc options that are handled by iftpmgr.exe.

Vulnerable Systems

Application

  • Ipswitch Ws Ftp Server 4.0.2


References

SECUNIA - 11206

XF - wftp-site-gain-priviliege(15558)

BID - 9953

BUGTRAQ - 20040323 Open the WS_FTP Server backdoor to SYSTEM


Last Updated: 27 May 2016 10:39:13