lists.openwall.net   lists  /  announce  john-users  owl-users  popa3d-users  /  xvendor  oss-security  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4 
Open Source and information security mailing list archives
 
This website is powered by Openwall GNU/*/Linux security-enhanced OS
[<prev] [next>] [month] [year] [list] 
Date: 2 Feb 2007 23:54:04 -0000
From: michal.bucko@...k.pl
To: bugtraq@...urityfocus.com
Subject: Re: Re: Ipswitch WS_FTP Server 5.04 multiple arbitrary code
 execution vulnerabilities

Steve,

I agree that both: iFTPAddU and iFTPAddH resemble administrator-level controls. Moreover, they are administrator-level controls. But, as ZARAZA said, the problem still remains. The successful exploitation of the issues might result in privilege escalation, therefore I called the aforementioned issues - the vulnerabilities. 

kind rgds,
michal "jest" be.

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux