Vulnerabilities (CVE)

Filtered by vendor Ipswitch Subscribe
Filtered by product Ws Ftp Pro
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-3734 1 Ipswitch 2 Ws Ftp Home, Ws Ftp Pro 2024-11-21 9.3 HIGH N/A
Format string vulnerability in Ipswitch WS_FTP Home 2007.0.0.2 and WS_FTP Professional 2007.1.0.0 allows remote FTP servers to cause a denial of service (application crash) or possibly execute arbitrary code via format string specifiers in a connection greeting (response).
CVE-2007-0665 1 Ipswitch 1 Ws Ftp Pro 2024-11-21 6.8 MEDIUM N/A
Format string vulnerability in the SCP module in Ipswitch WS_FTP 2007 Professional might allow remote attackers to execute arbitrary commands via format string specifiers in the filename, related to the SHELL WS_FTP script command.
CVE-2007-0330 1 Ipswitch 1 Ws Ftp Pro 2024-11-21 7.5 HIGH N/A
Buffer overflow in wsbho2k0.dll, as used by wsftpurl.exe, in Ipswitch WS_FTP 2007 Professional allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long ftp:// URL in an HTML document, and possibly other vectors.
CVE-2004-1884 2 Ipswitch, Progress 3 Ws Ftp Pro, Ws Ftp Server, Ws Ftp Server 2024-11-20 7.5 HIGH N/A
Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which allows remote attackers to gain access.
CVE-2002-1851 1 Ipswitch 1 Ws Ftp Pro 2024-11-20 7.5 HIGH N/A
Buffer overflow in WS_FTP Pro 7.5 allows remote attackers to execute code on a client system via unknown attack vectors.
CVE-1999-1078 1 Ipswitch 1 Ws Ftp Pro 2024-11-20 7.5 HIGH N/A
WS_FTP Pro 6.0 uses weak encryption for passwords in its initialization files, which allows remote attackers to easily decrypt the passwords and gain privileges.