TUCoPS :: HP Unsorted W :: c07-2148.htm

WS_FTP 2007 Professional SCP handling format string vulnerability
WS_FTP 2007 Professional SCP handling format string vulnerability
WS_FTP 2007 Professional SCP handling format string vulnerability



Synopsis: WS_FTP 2007 Professional SCP handling format string vulnerability
Product: WS_FTP 2007 Professional
Vendor: Ipswitch
 
 
 
I. Background
 
 
 
"[..]Transfer files anywhere, anytime, with complete security.
 
    * Lightning fast transfer speeds
    * Industry leading security
    * Time saving features include schedule, backup, and email 
notifications[..]"
 
 
 
II. Problem Description
Remote code execution is possible.
 
III. Details
SCP handling module is vulnerable to format string vulnerability.
Opening a specially crafted SCP file with WS_FTP 2007 script handler
might lead to arbitrary code execution. The specially crafted file 
uses the WS_FTP script command "SHELL" and executes the file with
the specially crafted name. The file is access using "file://".
 
 
 

Kind regards,
 
Michal Bucko (sapheal)


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH