Vulnerabilities > CVE-2006-4847

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

ipswitch

progress

exploit available

metasploit

NVD

Published: 2006-09-19

Updated: 2023-10-11

Summary

Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands.

Vulnerable Configurations

Part	Description	Count
Application	Ipswitch Ipswitch WS FTP Server 5.02 Ipswitch WS FTP Server 4.01 Ipswitch WS FTP Server 3.0_1 Ipswitch WS FTP Server 1.0.1Eval Ipswitch WS FTP Server 5.03 Ipswitch WS FTP Server 1.0.2Eval	6
Application	Progress Progress WS FTP Server 1.0.1 Progress WS FTP Server 1.0.1.E Progress WS FTP Server 1.0.2 Progress WS FTP Server 1.0.2.E Progress WS FTP Server 1.0.3 Progress WS FTP Server 1.0.4 Progress WS FTP Server 1.0.5 Progress WS FTP Server 2.0 Progress WS FTP Server 2.0.1 Progress WS FTP Server 2.0.2 Progress WS FTP Server 2.0.3 Progress WS FTP Server 2.0.4 Progress WS FTP Server 3.0 Progress WS FTP Server 3.1 Progress WS FTP Server 3.1.1 Progress WS FTP Server 3.1.2 Progress WS FTP Server 3.1.3 Progress WS FTP Server 3.4 Progress WS FTP Server 4.0 Progress WS FTP Server 4.0.2 Progress WS FTP Server - Progress WS FTP Server 4.0.1 Progress WS FTP Server 5.0.2 Progress WS FTP Server 5.0.3 Progress WS FTP Server 5.0.4 Progress WS FTP Server 5.0.5 Progress WS FTP Server 5.0.8	27

Exploit-Db

description	Ipswitch WS_FTP Server 5.05 XMD5 Overflow. CVE-2006-4847. Remote exploit for windows platform
id	EDB-ID:16717
last seen	2016-02-02
modified	2010-04-30
published	2010-04-30
reporter	metasploit
source	https://www.exploit-db.com/download/16717/
title	Ipswitch WS_FTP Server 5.05 - XMD5 Overflow

description	IPSwitch WS-FTP 5.05 (XMD5) Remote Buffer Overflow Exploit (meta). CVE-2006-4847. Remote exploit for windows platform
id	EDB-ID:3335
last seen	2016-01-31
modified	2007-02-19
published	2007-02-19
reporter	Jacopo Cervini
source	https://www.exploit-db.com/download/3335/
title	IPSwitch WS-FTP 5.05 XMD5 Remote Buffer Overflow Exploit meta

Metasploit

description	This module exploits a buffer overflow in the XMD5 verb in IPSWITCH WS_FTP Server 5.05.
id	MSF:EXPLOIT/WINDOWS/FTP/WSFTP_SERVER_505_XMD5
last seen	2020-01-13
modified	2017-07-24
published	2006-09-27
references	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4847
reporter	Rapid7
source	https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/ftp/wsftp_server_505_xmd5.rb
title	Ipswitch WS_FTP Server 5.05 XMD5 Overflow

Packetstorm

data source	https://packetstormsecurity.com/files/download/82965/wsftp_server_505_xmd5.rb.txt
id	PACKETSTORM:82965
last seen	2016-12-05
published	2009-11-26
reporter	MC
source	https://packetstormsecurity.com/files/82965/Ipswitch-WS_FTP-Server-5.05-XMD5-Overflow.html
title	Ipswitch WS_FTP Server 5.05 XMD5 Overflow

Saint

bid	20076
description	WS_FTP XCRC buffer overflow
id	ftp_wsftp
osvdb	28939
title	ws_ftp_xcrc
type	remote

Vulnerabilities > CVE-2006-4847 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2006-4847"}]}

Summary

Vulnerable Configurations

Exploit-Db

Metasploit

Packetstorm

Saint

References

Vulnerabilities > CVE-2006-4847