CERT TEAM: Critical Vulnerability Detected in WS_FTP Server
Description
CERT TEAM - Critical Vulnerability Detected
CVE-2023-42657
Critical Vulnerability Detected in WS_FTP Server
In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a directory traversal vulnerability was discovered. An attacker could leverage this vulnerability to perform file operations (delete, rename, rmdir, mkdir) on files and folders outside of their authorized WS_FTP folder path. Attackers could also escape the context of the WS_FTP Server file structure and perform the same level of operations (delete, rename, rmdir, mkdir) on file and folder locations on the underlying operating system.
Publication Date: | 2023-09-27 |
Last Modified: | 2023-09-29 |
CVSS 3 Score: | 9.6 (Critical) |
NVD CWEs
CWE-ID | CWE Name | Source |
---|---|---|
CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | NIST Reference, Progress Software Corporation |
Version Detections
OS | Product | Version |
---|---|---|
Any Version of Windows | WS_FTP Server | < 8.7.4 |
Any Version of Windows | WS_FTP Server | >= 8.8.0 < 8.8.2 |
Reference URLs
URL | Tags |
---|---|
https://nvd.nist.gov/vuln/detail/CVE-2023-42657 | NVD Reference |
https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023 | Vendor Advisory |
https://www.progress.com/ws_ftp | Product |
Property Details
27009 | |
Beta - Preliminary testing ready for more | |
CERT TEAM: Critical Vulnerability Detected in WS_FTP Server | |
BESC | |
Server Software | |
HCL CERT TEAM | |
CVE-2023-42657 | |
CVSS3: CRITICAL | |
10/2/2023 12:00:00 AM | |
CVE-2023-42657 | |
WS_FTP, CERT, vulnerability | |
JasonWalker on 10/2/2023 2:16:38 PM | |
JasonWalker on 10/2/2023 2:16:38 PM | |
Relevance
Used in 1 fixlet | * Results in a true/false |
exists keys whose ( ( exists value "DisplayName" of it AND (it as String) of value "DisplayName" of it contains "WS_FTP Server" ) AND ( exists value "DisplayVersion" of it ) AND ( ((it as String as Version) of value "DisplayVersion" of it < "8.7.4" as Version) OR ( ((it as String as Version) of value "DisplayVersion" of it >= "8.8.0" as Version) AND ((it as String as Version) of value "DisplayVersion" of it < "8.8.2" as Version) ) ) ) of keys "HKLM\software\microsoft\windows\currentversion\uninstall" of ( x32 registries;x64 registries)
Used in 1 fixlet | * Results in a true/false |
exists (service names of it, display name of it) whose (item 0 of it as lowercase contains "ws_ftp" or item 1 of it as lowercase contains "ws_ftp") of all running services whose (exists service name of it)
Actions
Action 1 (default)
Action Link: Click here to stop all WS_FTP services.
Script Type
BigFix Action Script
// Clear any leftover working files from a previous run
delete __appendfile
delete "stop_services.cmd"
// Write one "sc stop" line per running service whose service name or display name contains "ws_ftp"
appendfile { concatenation "%0d%0a" of ("sc stop %22" & item 0 of it & "%22") of (service names of it, display name of it) whose (item 0 of it as lowercase contains "ws_ftp" or item 1 of it as lowercase contains "ws_ftp") of all running services whose (exists service name of it) }
// Rename the generated file to a batch script and run it hidden
move __appendfile "stop_services.cmd"
waithidden "stop_services.cmd"
Success Criteria
This action will be considered successful when the applicability relevance evaluates to false.