Vulnerability Details : CVE-2004-1885
Ipswitch WS_FTP Server 4.0.2 allows remote authenticated users to execute arbitrary programs as SYSTEM by using the SITE command to modify certain iFtpSvc options that are handled by iftpmgr.exe.
Products affected by CVE-2004-1885
- cpe:2.3:a:progress:ws_ftp_server:4.0.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2004-1885
38.68%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 97 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2004-1885
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
References for CVE-2004-1885
-
http://marc.info/?l=bugtraq&m=108006581418116&w=2
'Open the WS_FTP Server backdoor to SYSTEM' - MARC
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/15558
Ipswitch WS_FTP Server SITE FTP privilege escalation CVE-2004-1885 Vulnerability Report
-
http://www.securityfocus.com/bid/9953
Exploit
-
http://secunia.com/advisories/11206
About Secunia Research | FlexeraExploit;Patch
Jump to