CVE-2003-0772

WS_FTP Server 3-4 - Authenticated Buffer Overflow via APPE or STAT Arguments

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-0772. PoCs published by xfocus.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Ipswitch WS_FTP Server via the STAT command. It includes shellcode for a bind shell on port 1981 and is designed to execute arbitrary code in the context of the server.

Description

Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via long (1) APPE (append) or (2) STAT (status) arguments.

Exploits (1)

exploitdb WORKING POC VERIFIED

by xfocus · cremotewindows

https://www.exploit-db.com/exploits/23100

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Ipswitch WS_FTP Server via the STAT command. It includes shellcode for a bind shell on port 1981 and is designed to execute arbitrary code in the context of the server.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Ipswitch WS_FTP Server 4.0.1.EVAL

Auth required

Prerequisites: Valid FTP credentials · Network access to the target server

MITRE ATT&CK