Lucene search
PRIOn knowledge basePRION:CVE-2008-5692HistoryDec 19, 2008 - 6:30 p.m.
Authentication flaw
2008-12-1918:30:00
PRIOn knowledge base
www.prio-n.com
3
Ipswitch WS_FTP Server Manager before 6.1.1, and possibly other Ipswitch products, allows remote attackers to bypass authentication and read logs via a logLogout action to FTPLogServer/login.asp followed by a request to FTPLogServer/LogViewer.asp with the localhostnull account name.
References
aluigi.altervista.org/adv/wsftpweblog-adv.txt
docs.ipswitch.com/WS_FTP_Server611/ReleaseNotes/index.htm?k_id=ipswitch_ftp_documents_worldwide_ws_ftpserverv611releasenotes
secunia.com/advisories/28822
securityreason.com/securityalert/4799
www.securityfocus.com/archive/1/487686/100/200/threaded
www.securityfocus.com/archive/1/487697/100/200/threaded
www.securityfocus.com/bid/27654
www.vupen.com/english/advisories/2008/0473
Related
cve
cve
CVE-2008-5692
2008-12-19 18:30:00
cvelist
cvelist
CVE-2008-5692
2008-12-19 18:00:00
nvd
nvd
CVE-2008-5692
2008-12-19 18:30:00
nessus
nessus
Ipswitch WS_FTP Server Manager /WSFTPSVR/FTPLogServer/LogViewer.asp Authentication Bypass
2008-02-08 00:00:00
WS_FTP Server < 6.1.1 Multiple Vulnerabilities
2008-02-08 00:00:00
Ipswitch WS_FTP Server < 6.1.1 Multiple Vulnerabilities
2009-08-24 00:00:00
openvas
openvas
WS_FTP Server <= 6.1.0.0 Security Bypass Vulnerability
2008-12-26 00:00:00
WS_FTP Server Manager Security Bypass Vulnerability
2008-12-26 00:00:00