Details of VAR-200501-0137

ID

VAR-200501-0137

CVE

CVE-2004-1135

TITLE

ipswitchft WS_FTP Multiple Buffer overflow vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200501-152

DESCRIPTION

Multiple buffer overflows in WS_FTP Server 5.03 2004.10.14 allow remote attackers to cause a denial of service (service crash) via long (1) SITE, (2) XMKD, (3) MKD, and (4) RNFR commands. WS FTP Server is prone to a denial-of-service vulnerability. WS_FTP is an FTP server software. Multiple buffer overflow vulnerabilities exist in WS_FTP server 5.03 2004.10.14

Trust: 1.26

sources: NVD: CVE-2004-1135 // BID: 90537 // VULHUB: VHN-9565

AFFECTED PRODUCTS

vendor:

ipswitch

model:

ws ftp server

scope:

version:

5.03

Trust: 1.9

sources: BID: 90537 // CNNVD: CNNVD-200501-152 // NVD: CVE-2004-1135

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2004-1135
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200501-152
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-9565
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2004-1135
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-9565
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-9565 // CNNVD: CNNVD-200501-152 // NVD: CVE-2004-1135

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-1135

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200501-152

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200501-152

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-9565

EXTERNAL IDS

db:	NVD	id:	CVE-2004-1135	Trust: 2.0
db:	XF	id:	18296	Trust: 0.9
db:	CNNVD	id:	CNNVD-200501-152	Trust: 0.7
db:	FULLDISC	id:	20041129 MULTIPLE BUFFER OVERLOWS IN WS_FTP SERVER VERSION 5.03, 2004.10.14.	Trust: 0.6
db:	BUGTRAQ	id:	20041129 MULTIPLE BUFFER OVERLOWS IN WS_FTP SERVER VERSION 5.03, 2004.10.14.	Trust: 0.6
db:	BID	id:	90537	Trust: 0.4
db:	PACKETSTORM	id:	83216	Trust: 0.1
db:	SEEBUG	id:	SSVID-62929	Trust: 0.1
db:	SEEBUG	id:	SSVID-71224	Trust: 0.1
db:	EXPLOIT-DB	id:	16719	Trust: 0.1
db:	EXPLOIT-DB	id:	664	Trust: 0.1
db:	VULHUB	id:	VHN-9565	Trust: 0.1

sources: VULHUB: VHN-9565 // BID: 90537 // CNNVD: CNNVD-200501-152 // NVD: CVE-2004-1135

REFERENCES

url:	http://lists.grok.org.uk/pipermail/full-disclosure/2004-november/029600.html	Trust: 2.0
url:	http://www.securiteam.com/exploits/6d00l2kbpg.html	Trust: 2.0
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/18296	Trust: 1.1
url:	http://marc.info/?l=bugtraq&m=110177654524819&w=2	Trust: 1.0
url:	http://marc.theaimsgroup.com/?l=bugtraq&m=110177654524819&w=2	Trust: 0.9
url:	http://xforce.iss.net/xforce/xfdb/18296	Trust: 0.9
url:	http://marc.info/?l=bugtraq&m=110177654524819&w=2	Trust: 0.1

sources: VULHUB: VHN-9565 // BID: 90537 // CNNVD: CNNVD-200501-152 // NVD: CVE-2004-1135

CREDITS

Unknown

Trust: 0.3

sources: BID: 90537

SOURCES

db:	VULHUB	id:	VHN-9565
db:	BID	id:	90537
db:	CNNVD	id:	CNNVD-200501-152
db:	NVD	id:	CVE-2004-1135

LAST UPDATE DATE

2024-08-14T15:45:43.360000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-9565	date:	2017-07-11T00:00:00
db:	BID	id:	90537	date:	2005-01-10T00:00:00
db:	CNNVD	id:	CNNVD-200501-152	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2004-1135	date:	2017-07-11T01:30:46.263

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-9565	date:	2005-01-10T00:00:00
db:	BID	id:	90537	date:	2005-01-10T00:00:00
db:	CNNVD	id:	CNNVD-200501-152	date:	2005-01-10T00:00:00
db:	NVD	id:	CVE-2004-1135	date:	2005-01-10T05:00:00