Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » IPSwitch WS_FTP Server FTP Bounce Vulnerability

IPSwitch WS_FTP Server FTP Bounce Vulnerability

by Nikola Strahija on October 28th, 2002 Ipswitch WS_FTP Server is a FTP server for Microsoft Windows platforms. WS_FTP Server is vulnerable to a FTP bounce attack when a user submits a specially crafted FTP command.


It is possible for a user accessing a vulnerable FTP server to send data to other systems. By using the PORT command to specify a different host and port from the host that is the origin of the connection, it is possible for a user to send data to the specified host that may be malicious. This could result in the proxying of arbitrary requests by a user through the system using the vulnerable software.

Vulnerability is remote and there is no exploit code yet.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »