• IDP Daily Update #1312
  posted: 11/18/08
  
• NSM Daily Update #1312
  posted: 11/18/08
  
• Deep Inspection 5.3r5 and above, 5.4, 6.0 #1312
  posted: 11/18/08
  
• Deep Inspection 5.1, 5.2, 5.3r4 and below #1300
  posted: 11/18/08
  
• Deep Inspection 5.0 #1132
  posted: 04/01/08
  
• Antivirus
  posted: 11/17/08

Text Size:        

• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: Ipswitch WS_FTP Server Message Response Buffer Overflow Vulnerability

Severity: HIGH

Description:

Ipswitch WS_FTP is an FTP implementation that is available for Microsoft Windows operating systems.

Ipswitch WS_FTP is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. The vulnerability occurs when handling FTP server message responses larger than 4100 bytes.

An attacker may exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

Affected Products:

• Ipswitch WS_FTP Home
• Ipswitch WS_FTP Pro
• Ipswitch WS_FTP Pro 5
• Ipswitch WS_FTP Pro 6.0.0
• Ipswitch WS_FTP Pro 7.5.0
• Ipswitch WS_FTP Pro 8.0.0 2
• Ipswitch WS_FTP Pro 8.0.0 3

References:

• IpSwitch: WS FTP Homepage