Test Kennung:	1.3.6.1.4.1.25623.1.0.900451
Kategorie:	FTP
Titel:	WS_FTP Server <= 6.1.0.0 Security Bypass Vulnerability
Zusammenfassung:	WS_FTP Server is prone to a security bypass vulnerability.
Beschreibung:	Summary: WS_FTP Server is prone to a security bypass vulnerability. Vulnerability Insight: This flaw is due to - an error within the WS_FTP Server Manager when processing HTTP requests for the FTPLogServer/LogViewer.asp script. - less access control in custom ASP Files in WSFTPSVR/ via a request with the appended dot characters which causes disclosure of .asp file contents. Vulnerability Impact: Successful exploitation will let the attacker execute arbitrary codes in the compressed rar archive and can cause memory corruption or buffer overflows. Affected Software/OS: Ipswitch WS_FTP Server version 6.1.0.0 and prior. Solution: Update to version 6.1.1 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5692 BugTraq ID: 27654 http://www.securityfocus.com/bid/27654 Bugtraq: 20080206 Logs visualization in WS_FTP Server Manager 6.1.0.0 (Google Search) http://www.securityfocus.com/archive/1/487686/100/200/threaded Bugtraq: 20080206 Re: Logs visualization in WS_FTP Server Manager 6.1.0.0 (Google Search) http://www.securityfocus.com/archive/1/487697/100/200/threaded http://aluigi.altervista.org/adv/wsftpweblog-adv.txt http://secunia.com/advisories/28822 http://securityreason.com/securityalert/4799 http://www.vupen.com/english/advisories/2008/0473 Common Vulnerability Exposure (CVE) ID: CVE-2008-5693 XForce ISS Database: wsftpserver-wsftpsvr-info-disclosure(47677) https://exchange.xforce.ibmcloud.com/vulnerabilities/47677
Copyright	Copyright (C) 2008 Greenbone Networks GmbH

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.