CVE-2004-1883

WS_FTP Server 4.0.2 - Authenticated Buffer Overflow via ALLO Handler or STAT Command

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1883. PoCs published by Hugh Mann.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Ipswitch WS_FTP Server <= 4.0.2 via the ALLO command. It leverages a stack-based overflow to execute arbitrary code, with detailed memory manipulation and shellcode injection techniques.

Description

Multiple buffer overflows in Ipswitch WS_FTP Server 4.0.2 (1) allow remote authenticated users to execute arbitrary code by causing a large error string to be generated by the ALLO handler, or (2) may allow remote FTP administrators to execute arbitrary code by causing a long hostname or username to be inserted into a reply to a STAT command while a file is being transferred.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Hugh Mann · cremotewindows

https://www.exploit-db.com/exploits/165

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Ipswitch WS_FTP Server <= 4.0.2 via the ALLO command. It leverages a stack-based overflow to execute arbitrary code, with detailed memory manipulation and shellcode injection techniques.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: Ipswitch WS_FTP Server <= 4.0.2

Auth required

Prerequisites: Valid FTP credentials · Network access to the target server

MITRE ATT&CK