PT-2008-6745 · Ipswitch · Ws Ftp Server Manager

Published

2008-12-19

Updated

2018-10-11

CVE-2008-5693

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Ipswitch WS FTP Server Manager version 6.1.0.0 and earlier

Description The issue allows remote attackers to read the contents of custom ASP files in WSFTPSVR/ by sending a request with an appended dot character.

Recommendations For Ipswitch WS FTP Server Manager version 6.1.0.0 and earlier, consider restricting access to the WSFTPSVR directory to prevent unauthorized reading of custom ASP files until a fix is available.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2008-5693

Affected Products

Ws Ftp Server Manager

PT-2008-6745 · Ipswitch · Ws Ftp Server Manager

CVE-2008-5693

Weakness Enumeration

Related Identifiers

Affected Products

References · 8