FTP.Command.STAT.Overflow
Description
This indicates a possible buffer overflow attack on WS-FTP server.
Ipswitch's WS-FTP is an FTP server for Windows NT and 2000. It has been reported that it is vulnerable to a buffer overflow attack when a long string is sent with a STAT command. An attacker may be able to run arbitrary commands with system privileges.
Affected Products
Ipswitch WS FTP Server 4.0 and earlier.
Impact
The FTP server is compromised for damaging any files in the system and it is vulnerable for denial of service attack.
Recommended Actions
Upgrade WS-FTP server version 4.0.2 or later from the following URL:
ftp://ftp.ipswitch.com/ipswitch/product_support/ws_ftp_server
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-02-15 | 14.554 | Sig Added |