CVE Vulnerabilities

CVE-2004-1884

Published: Mar 23, 2004 | Modified: Aug 13, 2019
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Ipswitch WS_FTP Server 4.0.2 has a backdoor XXSESS_MGRYY username with a default password, which allows remote attackers to gain access.

Affected Software

Name Vendor Start Version End Version
Ws_ftp_pro Ipswitch 6.0 6.0
Ws_ftp_pro Ipswitch 7.5 7.5
Ws_ftp_pro Ipswitch 8.0_2 8.0_2
Ws_ftp_pro Ipswitch 8.0_3 8.0_3
Ws_ftp_server Ipswitch 3.0_1 3.0_1
Ws_ftp_server Ipswitch 4.01 4.01
Ipswitch_ws_ftp_server Progress 1.0.1 1.0.1
Ipswitch_ws_ftp_server Progress 1.0.2 1.0.2
Ipswitch_ws_ftp_server Progress 1.0.3 1.0.3
Ipswitch_ws_ftp_server Progress 1.0.4 1.0.4
Ipswitch_ws_ftp_server Progress 1.0.5 1.0.5
Ipswitch_ws_ftp_server Progress 2.0 2.0
Ipswitch_ws_ftp_server Progress 2.0.1 2.0.1
Ipswitch_ws_ftp_server Progress 2.0.2 2.0.2
Ipswitch_ws_ftp_server Progress 2.0.3 2.0.3
Ipswitch_ws_ftp_server Progress 2.0.4 2.0.4
Ipswitch_ws_ftp_server Progress 3.0 3.0
Ipswitch_ws_ftp_server Progress 3.1 3.1
Ipswitch_ws_ftp_server Progress 3.1.1 3.1.1
Ipswitch_ws_ftp_server Progress 3.1.2 3.1.2
Ipswitch_ws_ftp_server Progress 3.1.3 3.1.3
Ipswitch_ws_ftp_server Progress 3.4 3.4
Ipswitch_ws_ftp_server Progress 4.0 4.0
Ipswitch_ws_ftp_server Progress 4.0.2 4.0.2

References