• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Ipswitch WS_FTP PASV Response Remote Buffer Overflow Vulnerability

A remote buffer-overflow vulnerability is reported in the Ipswitch WS_FTP client. This issue occurs because the application fails to properly validate the length of user-supplied strings prior to copying them into finite process buffers.

An attacker may exploit this issue to cause the affected client to crash. Execution of arbitrary code in the context of the FTP client process may also be possible.

Version 5.08 of the affected software is vulnerable; other versions may be affected as well.