FTP Vulnerability & Accompanying Activity

Published: 2004-12-05
Last Updated: 2004-12-06 14:54:23 UTC
by Tony Carothers (Version: 1)
FTP Vulnerability and activity

With a significant increase in Port 21 traffic over the past few days;


Coupled with a release by Secunia regarding WS_FTP;

@ Secunia:

Release Date: 2004-11-30

WS_FTP Server FTP Commands Buffer Overflow Vulnerabilities




Highly critical

Impact: System access

Where: From remote

Solution Status: Unpatched

Software: WS_FTP Server 3.x

WS_FTP Server 4.x

WS_FTP Server 5.x

Successful exploitation allows execution of arbitrary code.

The vulnerabilities have been confirmed in version 5.03. Other versions may
also be affected.

NOTE: Exploit code has been published.

This creates a situation in which we have a known vulnerability that is actively being searched for and, possibly, the successful compromise of systems.


A good policy would go a long way in protecting against this vulnerability. Grant only trusted users access to a vulnerable server, and filter overly long arguments in an FTP proxy.
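The proxy-side filtering suggested above could look like the following sketch, which is an added example and not part of the original diary or of any WS_FTP or proxy product. The class name, the 256-byte argument limit and the reply texts are assumptions; the limit is applied to every command because the advisory text quoted here does not name the affected ones.

```python
MAX_ARG_LEN = 256  # assumed site policy: longest argument (path, user name) you legitimately need
VERB_SLACK = 8     # room for the command verb and the separating space


class FtpCommandFilter:
    """Vets client-to-server bytes on the FTP control channel before a proxy relays them."""

    def __init__(self, max_arg=MAX_ARG_LEN):
        self.max_arg = max_arg
        self.max_line = max_arg + VERB_SLACK
        self.buf = b""

    def feed(self, data):
        """Return (forward, replies, close): bytes safe to relay to the server,
        replies to send back to the client, and whether to drop the session."""
        self.buf += data
        forward, replies = b"", b""
        while b"\n" in self.buf:
            line, self.buf = self.buf.split(b"\n", 1)
            line = line.rstrip(b"\r")
            _verb, _, arg = line.partition(b" ")
            # Reject long arguments, and long lines that carry no space at all.
            if len(arg) > self.max_arg or len(line) > self.max_line:
                replies += b"501 Argument too long.\r\n"
                continue
            forward += line + b"\r\n"
        # An unterminated line that already exceeds the limit can never become
        # valid; close instead of buffering without bound.
        close = len(self.buf) > self.max_line
        if close:
            replies += b"421 Command line too long, closing control connection.\r\n"
            self.buf = b""
        return forward, replies, close


def demo():
    # Constructed sample traffic: two ordinary commands around one oversized argument.
    f = FtpCommandFilter(max_arg=32)
    return f.feed(b"USER anonymous\r\nCWD " + b"A" * 500 + b"\r\nPWD\r\n")


if __name__ == "__main__":
    print(demo())
```

The oversized command is answered by the proxy itself and never reaches the server, while the commands around it are relayed unchanged.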

Tony Carothers

Handler on Duty

with help from P. Noli.... er, Nolan