Sign-up

ID

VAR-200808-0121


CVE

CVE-2008-3734


TITLE

Ipswitch WS_FTP Home 2007 Format string vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2008-004778

DESCRIPTION

Format string vulnerability in Ipswitch WS_FTP Home 2007.0.0.2 and WS_FTP Professional 2007.1.0.0 allows remote FTP servers to cause a denial of service (application crash) or possibly execute arbitrary code via format string specifiers in a connection greeting (response). Ipswitch WS_FTP client is prone to a format-string vulnerability it fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. An attacker may exploit this issue to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will likely result in a denial-of-service condition. This issue affects the WS_FTP Home and WS_FTP Professional clients. ---------------------------------------------------------------------- Want a new job? http://secunia.com/secunia_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/ International Partner Manager - Project Sales in the IT-Security Industry: http://corporate.secunia.com/about_secunia/64/ ---------------------------------------------------------------------- TITLE: WS_FTP Home / Professional Format String Vulnerability SECUNIA ADVISORY ID: SA31504 VERIFY ADVISORY: http://secunia.com/advisories/31504/ CRITICAL: Moderately critical IMPACT: System access WHERE: >From remote SOFTWARE: Ipswitch WS_FTP Professional 2007 http://secunia.com/product/13838/ Ipswitch WS_FTP Home 2007 http://secunia.com/product/19609/ DESCRIPTION: securfrog has discovered a vulnerability in WS_FTP Home and Professional, which can be exploited by malicious people to potentially compromise a user's system. This can be exploited by e.g. tricking a user into connecting to a malicious FTP server. Successful exploitation may allow the execution of arbitrary code. Other versions may also be affected. SOLUTION: Connect to trusted servers only. PROVIDED AND/OR DISCOVERED BY: securfrog ORIGINAL ADVISORY: http://milw0rm.com/exploits/6257 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2008-3734 // JVNDB: JVNDB-2008-004778 // BID: 30720 // VULHUB: VHN-33859 // PACKETSTORM: 69208

AFFECTED PRODUCTS

vendor:ipswitchmodel:ws ftp homescope:eqversion:2007.0.0.2

Trust: 2.4

vendor:ipswitchmodel:ws ftp proscope:eqversion:2007.1.0.0

Trust: 2.4

vendor:ipswitchmodel:ws ftp proscope:eqversion:8.03

Trust: 0.3

vendor:ipswitchmodel:ws ftp proscope:eqversion:8.02

Trust: 0.3

vendor:ipswitchmodel:ws ftp proscope:eqversion:7.5

Trust: 0.3

vendor:ipswitchmodel:ws ftp proscope:eqversion:6.0

Trust: 0.3

vendor:ipswitchmodel:ws ftp proscope:eqversion:5

Trust: 0.3

vendor:ipswitchmodel:ws ftp proscope:eqversion:0

Trust: 0.3

vendor:ipswitchmodel:ws ftp homescope:eqversion:0

Trust: 0.3

sources: BID: 30720 // JVNDB: JVNDB-2008-004778 // CNNVD: CNNVD-200808-272 // NVD: CVE-2008-3734

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-3734
value: HIGH

Trust: 1.0

NVD: CVE-2008-3734
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200808-272
value: CRITICAL

Trust: 0.6

VULHUB: VHN-33859
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2008-3734
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-33859
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-33859 // JVNDB: JVNDB-2008-004778 // CNNVD: CNNVD-200808-272 // NVD: CVE-2008-3734

PROBLEMTYPE DATA

problemtype:CWE-134

Trust: 1.8

sources: JVNDB: JVNDB-2008-004778 // NVD: CVE-2008-3734

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200808-272

TYPE

format string

Trust: 0.6

sources: CNNVD: CNNVD-200808-272

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2008-004778

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-33859

PATCH
title:WS_FTP Home 2007 Hotfix 1url:http://www.ipswitch.com/support/ws_ftp/home/releases/wsh2007hf1.asp
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2008-004778

EXTERNAL IDS
db:NVDid:CVE-2008-3734
Trust: 2.8
db:BIDid:30720
Trust: 2.0
db:SECUNIAid:31504
Trust: 1.9
db:EXPLOIT-DBid:6257
Trust: 1.8
db:SREASONid:4173
Trust: 1.7
db:SECTRACKid:1020713
Trust: 1.7
db:SECTRACKid:1020714
Trust: 1.7
db:JVNDBid:JVNDB-2008-004778
Trust: 0.8
db:MILW0RMid:6257
Trust: 0.6
db:XFid:44512
Trust: 0.6
db:CNNVDid:CNNVD-200808-272
Trust: 0.6
db:VULHUBid:VHN-33859
Trust: 0.1
db:PACKETSTORMid:69208
Trust: 0.1
sources:
            
            
            VULHUB: VHN-33859 // 
            
            
            
            BID: 30720 // 
            
            
            
            JVNDB: JVNDB-2008-004778 // 
            
            
            
            PACKETSTORM: 69208 // 
            
            
            
            CNNVD: CNNVD-200808-272 // 
            
            
            
            NVD: CVE-2008-3734

REFERENCES
url:http://www.securityfocus.com/bid/30720
Trust: 1.7
url:http://www.securitytracker.com/id?1020713
Trust: 1.7
url:http://www.securitytracker.com/id?1020714
Trust: 1.7
url:http://secunia.com/advisories/31504
Trust: 1.7
url:http://securityreason.com/securityalert/4173
Trust: 1.7
url:https://www.exploit-db.com/exploits/6257
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/44512
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3734
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3734
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/44512
Trust: 0.6
url:http://www.milw0rm.com/exploits/6257
Trust: 0.6
url:http://www.ipswitchft.com/products/ws_ftp_home/
Trust: 0.3
url:http://www.ipswitchft.com/products/ws_ftp_professional/
Trust: 0.3
url:http://secunia.com/advisories/31504/
Trust: 0.1
url:http://milw0rm.com/exploits/6257
Trust: 0.1
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/product/19609/
Trust: 0.1
url:http://secunia.com/hardcore_disassembler_and_reverse_engineer/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/secunia_security_specialist/
Trust: 0.1
url:http://corporate.secunia.com/about_secunia/64/
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
url:http://secunia.com/product/13838/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-33859 // 
            
            
            
            BID: 30720 // 
            
            
            
            JVNDB: JVNDB-2008-004778 // 
            
            
            
            PACKETSTORM: 69208 // 
            
            
            
            CNNVD: CNNVD-200808-272 // 
            
            
            
            NVD: CVE-2008-3734

CREDITS
securfrog※ securfrog@gmail.com
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200808-272

SOURCES
db:VULHUBid:VHN-33859
db:BIDid:30720
db:JVNDBid:JVNDB-2008-004778
db:PACKETSTORMid:69208
db:CNNVDid:CNNVD-200808-272
db:NVDid:CVE-2008-3734

LAST UPDATE DATE
2025-04-10T23:17:58.887000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-33859date:2017-09-29T00:00:00
db:BIDid:30720date:2015-05-07T17:24:00
db:JVNDBid:JVNDB-2008-004778date:2012-09-25T00:00:00
db:CNNVDid:CNNVD-200808-272date:2009-01-29T00:00:00
db:NVDid:CVE-2008-3734date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:VULHUBid:VHN-33859date:2008-08-20T00:00:00
db:BIDid:30720date:2008-08-17T00:00:00
db:JVNDBid:JVNDB-2008-004778date:2012-09-25T00:00:00
db:PACKETSTORMid:69208date:2008-08-19T18:45:56
db:CNNVDid:CNNVD-200808-272date:2008-08-20T00:00:00
db:NVDid:CVE-2008-3734date:2008-08-20T16:41:00