Ipswitch_WS_FTP_Server_FTP_Commands_Buffer_Overflow_attack

There exists a buffer overflow vulnerability in the Ipswitch WS_FTP server. The vulnerability is due to insufficient validation checks in the processing of the FTP XCRC, XSHA1 or XMD5 commands. An authenticated remote attacker may exploit this vulnerability to cause a denial of service condition or execute arbitrary code in the context of the vulnerable service, normally System . An attack exploiting this vulnerability may result in either a denial of service condition of the affected service or diversion of the process flow of the affected process. In the case of a successful code execution attack, the affected process will be diverted to attacker supplied code which is injected during the attack. It is most probable that the affected server will stop to function as intended after having been compromised. If a code execution attack is not successful, then the current connection thread will be terminated. The service, however, resumes to operate normally. In specific cases, when the argument length is 0x2A4 bytes, the attack will result in the termination of the process and a consequent denial of service condition.