Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.

Dismiss

WS-FTP targeted in the wild

4 views

Skip to first unread message

rek2 hispagatos

unread,

Oct 2, 2023, 11:32:22 AM10/2/23

Progress released fixes for eight separate vulnerabilities in
WS_FTP on Wednesday, including one rated a maximum score of 10
on the CVSS severity scale. Days later, the company said
there was no evidence of exploitation at the time... ! O_O

But...

Security researchers have spotted what they believe to be
a "possible mass exploitation" of vulnerabilities in Progress
Software's WS_FTP Server. Researchers at Rapid7 began
noticing evidence of exploitation on 30 September across
multiple instances of WS_FTP.

I am even surprised people still use WS_FTP instead of lets say SFTP/SCP
etc ... :facepalm:

Happy Hacking
ReK2

--
- {gemini,https}://{,rek2.}hispagatos.org - mastodon: @re...@hispagatos.space
- [https|gemini]://2600.Madrid - https://hispagatos.space/@rek2
- https://keyoxide.org/A31C7CE19D9C58084EA42BA26C0B0D11E9303EC5

rek2 hispagatos

unread,

Oct 2, 2023, 11:41:47 AM10/2/23

>
> I am even surprised people still use WS_FTP instead of lets say SFTP/SCP
> etc ... :facepalm:

Forgot to add the link:
https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023

0 new messages