Arbitrary Program Execution Vulnerability in Ipswitch WS_FTP Server 4.0.2

Arbitrary Program Execution Vulnerability in Ipswitch WS_FTP Server 4.0.2

CVE-2004-1885 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

Ipswitch WS_FTP Server 4.0.2 allows remote authenticated users to execute arbitrary programs as SYSTEM by using the SITE command to modify certain iFtpSvc options that are handled by iftpmgr.exe.

Learn more about our Cis Benchmark Audit For Server Software.