Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3734

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-3734
Last Modified 29 Jan 2009 01:54:16
Published 20 Aug 2008 12:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3734

Summary

Format string vulnerability in Ipswitch WS_FTP Home 2007.0.0.2 and WS_FTP Professional 2007.1.0.0 allows remote FTP servers to cause a denial of service (application crash) or possibly execute arbitrary code via format string specifiers in a connection greeting (response).

Vulnerable Systems

Application

  • Ipswitch Ws Ftp Home 2007.0.0.2

  • Ipswitch Ws Ftp Pro 2007.1.0.0


References

XF - wsftp-response-format-string(44512)

SECTRACK - 1020714

SECTRACK - 1020713

BID - 30720

MILW0RM - 6257

SREASON - 4173

SECUNIA - 31504


Last Updated: 27 May 2016 10:48:17