var-200701-0038
Vulnerability from variot
Buffer overflow in wsbho2k0.dll, as used by wsftpurl.exe, in Ipswitch WS_FTP 2007 Professional allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long ftp:// URL in an HTML document, and possibly other vectors. Ipswitch WS_FTP 2007 Professional is prone to a local memory-corruption vulnerability. This issue occurs when the 'wsbho2k0.dll' library fails to handle specially crafted arguments. Due to the nature of this issue, an attacker may be able to execute arbitrary machine code in the context of the affected kernel, but this has not been confirmed. Failed exploit attempts result in kernel panics, denying service to legitimate users. Ipswitch WS_FTP 2007 Professional is vulnerable to this issue; other versions may also be affected. A buffer overflow vulnerability exists in Ipswitch WS_FTP 2007 Professional's wsbho2k0.dll when used by wsftpurl.exe
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200701-0038",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ws ftp pro",
"scope": "eq",
"trust": 1.6,
"vendor": "ipswitch",
"version": "2007"
},
{
"model": "ws ftp pro",
"scope": "eq",
"trust": 0.8,
"vendor": "ipswitch",
"version": "2007 professional"
},
{
"model": "ws ftp server professional",
"scope": "eq",
"trust": 0.3,
"vendor": "ipswitch",
"version": "2007"
}
],
"sources": [
{
"db": "BID",
"id": "22062"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003232"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-280"
},
{
"db": "NVD",
"id": "CVE-2007-0330"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ipswitch:ws_ftp_pro",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-003232"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Michal Bucko is credited with the discovery of this vulnerability.",
"sources": [
{
"db": "BID",
"id": "22062"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-280"
}
],
"trust": 0.9
},
"cve": "CVE-2007-0330",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2007-0330",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-23692",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2007-0330",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2007-0330",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200701-280",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-23692",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23692"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003232"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-280"
},
{
"db": "NVD",
"id": "CVE-2007-0330"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in wsbho2k0.dll, as used by wsftpurl.exe, in Ipswitch WS_FTP 2007 Professional allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long ftp:// URL in an HTML document, and possibly other vectors. Ipswitch WS_FTP 2007 Professional is prone to a local memory-corruption vulnerability. This issue occurs when the \u0027wsbho2k0.dll\u0027 library fails to handle specially crafted arguments. \nDue to the nature of this issue, an attacker may be able to execute arbitrary machine code in the context of the affected kernel, but this has not been confirmed. Failed exploit attempts result in kernel panics, denying service to legitimate users. \nIpswitch WS_FTP 2007 Professional is vulnerable to this issue; other versions may also be affected. A buffer overflow vulnerability exists in Ipswitch WS_FTP 2007 Professional\u0027s wsbho2k0.dll when used by wsftpurl.exe",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-0330"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003232"
},
{
"db": "BID",
"id": "22062"
},
{
"db": "VULHUB",
"id": "VHN-23692"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-0330",
"trust": 2.5
},
{
"db": "BID",
"id": "22062",
"trust": 2.0
},
{
"db": "OSVDB",
"id": "33476",
"trust": 1.7
},
{
"db": "SREASON",
"id": "2160",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003232",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200701-280",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20070116 RE: IPSWITCH WS_FTP 2007 PROFESSIONAL \"WSFTPURL\" ACCESS VIOLATION VULNERABILITY",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20070114 RE: IPSWITCH WS_FTP 2007 PROFESSIONAL \"WSFTPURL\" ACCESS VIOLATION VULNERABILITY",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20070112 IPSWITCH WS_FTP 2007 PROFESSIONAL \"WSFTPURL\" ACCESS VIOLATION VULNERABILITY",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-23692",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23692"
},
{
"db": "BID",
"id": "22062"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003232"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-280"
},
{
"db": "NVD",
"id": "CVE-2007-0330"
}
]
},
"id": "VAR-200701-0038",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-23692"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:10:02.774000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "WS_FTP",
"trust": 0.8,
"url": "http://www.ipswitchft.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-003232"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-0330"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/22062"
},
{
"trust": 1.7,
"url": "http://osvdb.org/33476"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/2160"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/456755/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/456901/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/457097/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0330"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-0330"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/457097/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/456901/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/456755/100/0/threaded"
},
{
"trust": 0.3,
"url": "http://www.ipswitch.com/products/ws_ftp/home/index.asp"
},
{
"trust": 0.3,
"url": "/archive/1/456755"
},
{
"trust": 0.3,
"url": "/archive/1/456901"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23692"
},
{
"db": "BID",
"id": "22062"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003232"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-280"
},
{
"db": "NVD",
"id": "CVE-2007-0330"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-23692"
},
{
"db": "BID",
"id": "22062"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-003232"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-280"
},
{
"db": "NVD",
"id": "CVE-2007-0330"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-01-18T00:00:00",
"db": "VULHUB",
"id": "VHN-23692"
},
{
"date": "2007-01-15T00:00:00",
"db": "BID",
"id": "22062"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-003232"
},
{
"date": "2007-01-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200701-280"
},
{
"date": "2007-01-18T02:28:00",
"db": "NVD",
"id": "CVE-2007-0330"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-16T00:00:00",
"db": "VULHUB",
"id": "VHN-23692"
},
{
"date": "2007-01-16T18:00:00",
"db": "BID",
"id": "22062"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-003232"
},
{
"date": "2007-02-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200701-280"
},
{
"date": "2024-11-21T00:25:35.623000",
"db": "NVD",
"id": "CVE-2007-0330"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200701-280"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipswitch WS_FTP 2007 Professional of wsftpurl.exe Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-003232"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200701-280"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…