Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » IPSwitch WS_FTP Server Passive Mode Session Hijacking Vulnerability

IPSwitch WS_FTP Server Passive Mode Session Hijacking Vulnerability

by Nikola Strahija on October 28th, 2002 Ipswitch WS_FTP Server is a FTP server for Microsoft Windows platforms. WS_FTP Server is vulnerable to session hijacking during passive connections.



WS_FTP Server is vulnerable to session hijacking. When a passive connection is initiated by a user, it is possible for another user to connect to the port opened by the FTP server and gain access to half of the open session by the user. This could result in the disclosure of arbitrary information.

Vulnerability is remote and there is no exploit code yet.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »