Details of VAR-201004-0085

ID

VAR-201004-0085

CVE

CVE-2009-4775

TITLE

Ipswitch WS_FTP Professional HTTP Server Response Format String Vulnerability

Trust: 0.9

sources: BID: 36297 // CNNVD: CNNVD-201004-347

DESCRIPTION

Format string vulnerability in Ipswitch WS_FTP Professional 12 before 12.2 allows remote attackers to cause a denial of service (crash) via format string specifiers in the status code portion of an HTTP response. Ipswitch WS_FTP Professional client is prone to a format-string vulnerability because it fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. An attacker may exploit this issue to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will likely result in a denial-of-service condition. WS_FTP Professional 12 is vulnerable; other versions may also be affected. Ipswitch WS_FTP is a widely used FTP server program that can be used under Microsoft NT/2000/XP operating system

Trust: 1.98

sources: NVD: CVE-2009-4775 // JVNDB: JVNDB-2010-004388 // BID: 36297 // VULHUB: VHN-42221

AFFECTED PRODUCTS

vendor:	ipswitch	model:	ws ftp	scope:	eq	version:	12.0	Trust: 1.6
vendor:	ipswitch	model:	ws ftp	scope:	eq	version:	12.0.1	Trust: 1.6
vendor:	ipswitch	model:	ws ftp	scope:	lt	version:	12.2 professional 12	Trust: 0.8
vendor:	ipswitch	model:	ws ftp professional	scope:	eq	version:	12	Trust: 0.3
vendor:	ipswitch	model:	ws ftp pro	scope:	eq	version:	0	Trust: 0.3
vendor:	ipswitch	model:	ws ftp professional	scope:	ne	version:	12.2	Trust: 0.3

sources: BID: 36297 // JVNDB: JVNDB-2010-004388 // CNNVD: CNNVD-201004-347 // NVD: CVE-2009-4775

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2009-4775
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2009-4775
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201004-347
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-42221
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2009-4775
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-42221
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-42221 // JVNDB: JVNDB-2010-004388 // CNNVD: CNNVD-201004-347 // NVD: CVE-2009-4775

PROBLEMTYPE DATA

problemtype:

CWE-134

Trust: 1.8

sources: JVNDB: JVNDB-2010-004388 // NVD: CVE-2009-4775

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201004-347

TYPE

format string

Trust: 0.6

sources: CNNVD: CNNVD-201004-347

CONFIGURATIONS

sources: JVNDB: JVNDB-2010-004388

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-42221

PATCH

title:	Fixed in 12.2	url:	http://docs.ipswitch.com/WS_FTP%20122/ReleaseNotes/English/index.htm?k_id=ipswitch_com_ftp_documents_worldwide_ws_ftp122releasenotesenglish#link23	Trust: 0.8
title:	WS_FTP Professional 12	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=26	Trust: 0.6

sources: JVNDB: JVNDB-2010-004388 // CNNVD: CNNVD-201004-347

EXTERNAL IDS

db:	NVD	id:	CVE-2009-4775	Trust: 2.5
db:	BID	id:	36297	Trust: 2.0
db:	EXPLOIT-DB	id:	9607	Trust: 1.7
db:	JVNDB	id:	JVNDB-2010-004388	Trust: 0.8
db:	CNNVD	id:	CNNVD-201004-347	Trust: 0.7
db:	MILW0RM	id:	9607	Trust: 0.6
db:	XF	id:	53098	Trust: 0.6
db:	VULHUB	id:	VHN-42221	Trust: 0.1

sources: VULHUB: VHN-42221 // BID: 36297 // JVNDB: JVNDB-2010-004388 // CNNVD: CNNVD-201004-347 // NVD: CVE-2009-4775

REFERENCES

url:	http://docs.ipswitch.com/ws_ftp%20122/releasenotes/english/index.htm?k_id=ipswitch_com_ftp_documents_worldwide_ws_ftp122releasenotesenglish#link23	Trust: 2.0
url:	http://www.securityfocus.com/bid/36297	Trust: 1.7
url:	http://www.packetstormsecurity.org/0909-exploits/nocoolnameforawsftppoc.pl.txt	Trust: 1.7
url:	http://www.exploit-db.com/exploits/9607	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/53098	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4775	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-4775	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/53098	Trust: 0.6
url:	http://www.milw0rm.com/exploits/9607	Trust: 0.6
url:	http://www.ipswitchft.com/products/ws_ftp_professional/	Trust: 0.3

sources: VULHUB: VHN-42221 // BID: 36297 // JVNDB: JVNDB-2010-004388 // CNNVD: CNNVD-201004-347 // NVD: CVE-2009-4775

CREDITS

Jeremy Brown

Trust: 0.9

sources: BID: 36297 // CNNVD: CNNVD-201004-347

SOURCES

db:	VULHUB	id:	VHN-42221
db:	BID	id:	36297
db:	JVNDB	id:	JVNDB-2010-004388
db:	CNNVD	id:	CNNVD-201004-347
db:	NVD	id:	CVE-2009-4775

LAST UPDATE DATE

2025-04-11T22:50:38.909000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-42221	date:	2017-09-19T00:00:00
db:	BID	id:	36297	date:	2010-03-12T17:02:00
db:	JVNDB	id:	JVNDB-2010-004388	date:	2012-09-25T00:00:00
db:	CNNVD	id:	CNNVD-201004-347	date:	2010-04-21T00:00:00
db:	NVD	id:	CVE-2009-4775	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-42221	date:	2010-04-21T00:00:00
db:	BID	id:	36297	date:	2009-09-07T00:00:00
db:	JVNDB	id:	JVNDB-2010-004388	date:	2012-09-25T00:00:00
db:	CNNVD	id:	CNNVD-201004-347	date:	2010-04-21T00:00:00
db:	NVD	id:	CVE-2009-4775	date:	2010-04-21T14:30:00.507