Vulnerability Description
Multiple buffer overflows in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, have unknown impact and remote authenticated attack vectors via the (1) XCRC, (2) XMD5, and (3) XSHA1 commands. NOTE: in the early publication of this identifier on 20060926, the description was used for the wrong issue.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ipswitch | Ws Ftp Server | 5.02 |
| Progress | Ws Ftp Server | 5.0.2 |
References
- http://securitytracker.com/id?1016935
- http://www.ipswitch.com/support/ws_ftp-server/releases/wr505hf1.aspPatch
- http://www.securityfocus.com/archive/1/447077/100/0/threaded
- http://www.zerodayinitiative.com/advisories/ZDI-06-029.htmlVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41829
- http://securitytracker.com/id?1016935
- http://www.ipswitch.com/support/ws_ftp-server/releases/wr505hf1.aspPatch
- http://www.securityfocus.com/archive/1/447077/100/0/threaded
- http://www.zerodayinitiative.com/advisories/ZDI-06-029.htmlVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41829
FAQ
What is CVE-2006-5000?
CVE-2006-5000 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Multiple buffer overflows in WS_FTP Server 5.05 before Hotfix 1, and possibly other versions down to 5.0, have unknown impact and remote authenticated attack vectors via the (1) XCRC, (2) XMD5, and (3...
How severe is CVE-2006-5000?
CVE-2006-5000 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-5000?
Check the references section above for vendor advisories and patch information. Affected products include: Ipswitch Ws Ftp Server, Progress Ws Ftp Server.