Re: Ipswitch WS_FTP 2007 Professional "wsftpurl" access violation vulnerability
Dear sapheal@xxxxxxx,
shp> conditions. However, as the issue involves the control that is not
shp> marked safe for scripting nor for initialization, it cannot be
shp> exploited remotely. Moreover, as for know I have not proved it is
shp> exploitable.
shp> Unhandled exception at 0x7c840a81 in wsftpurl.exe:
shp> 0xC0000005: Access violation reading location 0x41414141.
shp> In order to analyze the vulnerability one might execute
shp> wsftpurl.exe with a long argument.
Pretending this vulnerability IS exploitable, what is security impact
from it? What can you achieve by exploiting this vulnerability you cant
archive without it?
--
~/ZARAZA
http://www.security.nnov.ru/
Reasoning depends upon programming, not on hardware and we are the
ultimate program! (Frank Herbert).