Details of VAR-200107-0028

ID

VAR-200107-0028

CVE

CVE-2001-1021

TITLE

Progress Software Ipswitch WS_FTP Server Buffer error vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200107-179

DESCRIPTION

Buffer overflows in WS_FTP 2.02 allow remote attackers to execute arbitrary code via long arguments to (1) DELE, (2) MDTM, (3) MLST, (4) MKD, (5) RMD, (6) RNFR, (7) RNTO, (8) SIZE, (9) STAT, (10) XMKD, or (11) XRMD. WS FTP Server is prone to a remote security vulnerability. WS_FTP 2.02 has a buffer overflow vulnerability

Trust: 1.26

sources: NVD: CVE-2001-1021 // BID: 82909 // VULHUB: VHN-3826

AFFECTED PRODUCTS

vendor:	progress	model:	ws ftp server	scope:	eq	version:	2.0.2	Trust: 1.0
vendor:	ipswitch	model:	ws ftp server	scope:	eq	version:	2.0.2	Trust: 0.9

sources: BID: 82909 // CNNVD: CNNVD-200107-179 // NVD: CVE-2001-1021

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2001-1021
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200107-179
value:	HIGH
Trust: 0.6
VULHUB:	VHN-3826
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2001-1021
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-3826
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-3826 // CNNVD: CNNVD-200107-179 // NVD: CVE-2001-1021

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2001-1021

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200107-179

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-200107-179

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-3826

PATCH

title:

Progress Software Ipswitch WS_FTP Server Buffer error vulnerability fix

url:

http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=118188

Trust: 0.6

sources: CNNVD: CNNVD-200107-179

EXTERNAL IDS

db:	NVD	id:	CVE-2001-1021	Trust: 2.0
db:	CNNVD	id:	CNNVD-200107-179	Trust: 0.6
db:	BID	id:	82909	Trust: 0.4
db:	XF	id:	6911	Trust: 0.3
db:	EXPLOIT-DB	id:	1158	Trust: 0.1
db:	EXPLOIT-DB	id:	21036	Trust: 0.1
db:	SEEBUG	id:	SSVID-63193	Trust: 0.1
db:	SEEBUG	id:	SSVID-74881	Trust: 0.1
db:	VULHUB	id:	VHN-3826	Trust: 0.1

sources: VULHUB: VHN-3826 // BID: 82909 // CNNVD: CNNVD-200107-179 // NVD: CVE-2001-1021

REFERENCES

url:	http://archives.neohapsis.com/archives/bugtraq/2001-07/0610.html	Trust: 2.0
url:	http://www.ipswitch.com/support/ws_ftp-server/patch-upgrades.html	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/6911	Trust: 1.7
url:	http://xforce.iss.net/static/6911.php	Trust: 0.3

sources: VULHUB: VHN-3826 // BID: 82909 // CNNVD: CNNVD-200107-179 // NVD: CVE-2001-1021

CREDITS

Unknown

Trust: 0.3

sources: BID: 82909

SOURCES

db:	VULHUB	id:	VHN-3826
db:	BID	id:	82909
db:	CNNVD	id:	CNNVD-200107-179
db:	NVD	id:	CVE-2001-1021

LAST UPDATE DATE

2024-08-14T14:36:02.486000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-3826	date:	2019-08-13T00:00:00
db:	BID	id:	82909	date:	2001-07-26T00:00:00
db:	CNNVD	id:	CNNVD-200107-179	date:	2020-05-11T00:00:00
db:	NVD	id:	CVE-2001-1021	date:	2023-10-11T14:45:44.747

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-3826	date:	2001-07-26T00:00:00
db:	BID	id:	82909	date:	2001-07-26T00:00:00
db:	CNNVD	id:	CNNVD-200107-179	date:	2001-07-26T00:00:00
db:	NVD	id:	CVE-2001-1021	date:	2001-07-26T04:00:00