Bug: Ipswitch WS_FTP 2007 Professional "wsftpurl" access violation vulnerability ( Ascii Version )

Search:
WLB2

Ipswitch WS_FTP 2007 Professional "wsftpurl" access violation vulnerability

Published
Credit
Risk
2007.01.19
Michal Bucko (sapheal)
Low
CWE
CVE
Local
Remote
N/A
CVE-2007-0330
No
Yes

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

> So it could be remotely
> exploitable after all.
>
> On the other hand, most people don't tell their browsers to open up a
> separate application to handle ftp:// links.

I agree. It could be exploited in the aforementioned way(but: WS_FTP is not
registered to handle FTP protocol by default). Now I am thinking of
something else. Could we use a specially crafted FHF file to exploit the
vulnerability? I haven't checked that yet.

Michal Bucko (sapheal)

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version