 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2008-5692 |
| Description: | Ipswitch WS_FTP Server Manager before 6.1.1, and possibly other Ipswitch products, allows remote attackers to bypass authentication and read logs via a logLogout action to FTPLogServer/login.asp followed by a request to FTPLogServer/LogViewer.asp with the localhostnull account name. |
| Test IDs: | None available |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2008-5692 BugTraq ID: 27654 http://www.securityfocus.com/bid/27654 Bugtraq: 20080206 Logs visualization in WS_FTP Server Manager 6.1.0.0 (Google Search) http://www.securityfocus.com/archive/1/487686/100/200/threaded Bugtraq: 20080206 Re: Logs visualization in WS_FTP Server Manager 6.1.0.0 (Google Search) http://www.securityfocus.com/archive/1/487697/100/200/threaded http://aluigi.altervista.org/adv/wsftpweblog-adv.txt http://secunia.com/advisories/28822 http://securityreason.com/securityalert/4799 http://www.vupen.com/english/advisories/2008/0473 |