CVE-2006-5000

Multiple buffer overflows in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, have unknown impact and remote authenticated attack vectors via the (1) XCRC, (2) XMD5, and (3) XSHA1 commands. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue.

Published: Sep 26, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-5000
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
ipswitch / ws_ftp_server	5.02	5.02.x
ipswitch / ws_ftp_server	5.05	5.05.x
ipswitch / ws_ftp_server	5.03	5.03.x
progress / ws_ftp_server	5.0.2	5.0.2.x

http://securitytracker.com/id?1016935
http://www.ipswitch.com/support/ws_ftp-server/releases/wr505hf1.asp
http://www.securityfocus.com/archive/1/447077/100/0/threaded
http://www.zerodayinitiative.com/advisories/ZDI-06-029.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/41829

Vulnerability Database

289,697

CVE-2006-5000