CVE-2003-0772 - OpenCVE

Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via long (1) APPE (append) or (2) STAT (status) arguments.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Ipswitch	Ws Ftp Server
Progress	Ws Ftp Server

Configuration 1 [-]

OR	cpe:2.3:a:ipswitch:ws_ftp_server:4.01:::::::*
	cpe:2.3:a:progress:ws_ftp_server:3.4:::::::*

No data.

References

Link	Providers
http://marc.info/?l=bugtraq&m=106288825902868&w=2
http://secunia.com/advisories/9671
http://www.kb.cert.org/vuls/id/219140
http://www.kb.cert.org/vuls/id/792284
http://www.securityfocus.com/bid/8542
https://exchange.xforce.ibmcloud.com/vulnerabilities/13119

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2003-09-12T04:00:00

Updated: 2024-08-08T02:05:12.499Z

Reserved: 2003-09-09T00:00:00

Link: CVE-2003-0772

Vulnrichment

No data.

NVD

Status : Modified

Published: 2003-09-22T04:00:00.000

Modified: 2023-10-11T14:45:44.747

Link: CVE-2003-0772

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2003-09-06T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via long (1) APPE (append) or (2) STAT (status) arguments."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20030906 Remote and Local Vulnerabilities In WS_FTP Server", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=106288825902868&w=2"}, {"name": "8542", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/8542"}, {"name": "VU#219140", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/219140"}, {"name": "VU#792284", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/792284"}, {"name": "wsftp-ftp-command-bo(13119)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13119"}, {"name": "9671", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/9671"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0772", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via long (1) APPE (append) or (2) STAT (status) arguments."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20030906 Remote and Local Vulnerabilities In WS_FTP Server", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=106288825902868&w=2"}, {"name": "8542", "refsource": "BID", "url": "http://www.securityfocus.com/bid/8542"}, {"name": "VU#219140", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/219140"}, {"name": "VU#792284", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/792284"}, {"name": "wsftp-ftp-command-bo(13119)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13119"}, {"name": "9671", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/9671"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T02:05:12.499Z"}, "title": "CVE Program Container", "references": [{"name": "20030906 Remote and Local Vulnerabilities In WS_FTP Server", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=106288825902868&w=2"}, {"name": "8542", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/8542"}, {"name": "VU#219140", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/219140"}, {"name": "VU#792284", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/792284"}, {"name": "wsftp-ftp-command-bo(13119)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13119"}, {"name": "9671", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/9671"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0772", "datePublished": "2003-09-12T04:00:00", "dateReserved": "2003-09-09T00:00:00", "dateUpdated": "2024-08-08T02:05:12.499Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ipswitch:ws_ftp_server:4.01:*:*:*:*:*:*:*", "matchCriteriaId": "44A4DEB6-8E4B-4DAD-911C-DCC26D4C9DCD", "vulnerable": true}, {"criteria": "cpe:2.3:a:progress:ws_ftp_server:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "29B11EAC-796C-43E4-A150-F3FE3F19A058", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via long (1) APPE (append) or (2) STAT (status) arguments."}, {"lang": "es", "value": "M\u00faltiples desboradamientos de b\u00fafer en WS_FTP 3 y 4 permite a usuarios remotos autenticados causar una denegaci\u00f3n de servicio y posiblemente ejecutar c\u00f3digo arbitrario mediaten argumentos APPEND o STAT (estado) largos."}], "id": "CVE-2003-0772", "lastModified": "2023-10-11T14:45:44.747", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2003-09-22T04:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=106288825902868&w=2"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/9671"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/219140"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/792284"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/8542"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13119"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}