1. Forum
  2. USENET
  3. alt.2600.hackers

  • WS-FTP targeted in the wild

    From rek2 hispagatos@rek2@hispagatos.org.invalid to alt.2600.hackers,alt.2600,hispagatos.talk on Mon Oct 2 15:32:20 2023
    From Newsgroup: alt.2600.hackers

    Progress released fixes for eight separate vulnerabilities in
    WS_FTP on Wednesday, including one rated a maximum score of 10
    on the CVSS severity scale. Days later, the company said
    there was no evidence of exploitation at the time... ! O_O

    But...

    Security researchers have spotted what they believe to be
    a "possible mass exploitation" of vulnerabilities in Progress
    Software's WS_FTP Server. Researchers at Rapid7 began
    noticing evidence of exploitation on 30 September across
    multiple instances of WS_FTP.


    I am even surprised people still use WS_FTP instead of lets say SFTP/SCP
    etc ... :facepalm:


    Happy Hacking
    ReK2
    --
    - {gemini,https}://{,rek2.}hispagatos.org - mastodon: @rek2@hispagatos.space
    - [https|gemini]://2600.Madrid - https://hispagatos.space/@rek2
    - https://keyoxide.org/A31C7CE19D9C58084EA42BA26C0B0D11E9303EC5
    --- Synchronet 3.21d-Linux NewsLink 1.2
  • From rek2 hispagatos@rek2@hispagatos.org.invalid to alt.2600.hackers,alt.2600,hispagatos.talk on Mon Oct 2 15:41:45 2023
    From Newsgroup: alt.2600.hackers


    I am even surprised people still use WS_FTP instead of lets say SFTP/SCP
    etc ... :facepalm:

    Forgot to add the link: https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023

    Happy Hacking
    ReK2
    --
    - {gemini,https}://{,rek2.}hispagatos.org - mastodon: @rek2@hispagatos.space
    - [https|gemini]://2600.Madrid - https://hispagatos.space/@rek2
    - https://keyoxide.org/A31C7CE19D9C58084EA42BA26C0B0D11E9303EC5
    --- Synchronet 3.21d-Linux NewsLink 1.2