Denial of Service Vulnerability in WS_FTP 5.0.2 by Ipswitch
CVE-2004-1643

Currently unrated

Key Information:

Vendor: Progress
Status: Ws Ftp Server
Vendor: CVE Published:; 29 August 2004

Summary

WS_FTP 5.0.2 is susceptible to a denial of service condition triggered by remote authenticated users. This vulnerability allows an attacker to execute a CD command with an invalid path that includes a '../' sequence, leading to excessive CPU consumption and making the service unresponsive. Proper validation of user input paths is essential to prevent this kind of exploitation.

References

http://secunia.com/advisories/12406

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/11065

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/17155

vdb-entryx_refsource_XF

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Feb 21, 2005
Vulnerability published
Aug 29, 2004