Hello list,
we use WSFTP SERVER version 2.02 and we realized some abuse today. There
might be a HOLE within WSFTP SERVER with the problem of an authorized
visitor creating a NEW USER ACCOUNT with ROOT ACCESS and HOST/ADMINISTRATOR
RIGHTS. He was able to upload or download any files!
How can an EXPLOIT occur?
* buffer overload?
* cmd.exe
* etc.?
... and how can a repeat offense be prevented in the future?
We have upgraded our software from 2.02 to 2.03 today and removed the
vulnerable FTP account.
Any help would be more than appreciated.
Cheers,
Marc