[Forgot Password]
Login  Register Subscribe

23631

 
 

115084

 
 

97147

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2008-5693

Date: (C)2008-12-19   (M)2017-08-08 


Ipswitch WS_FTP Server Manager 6.1.0.0 and earlier, and possibly other Ipswitch products, might allow remote attackers to read the contents of custom ASP files in WSFTPSVR/ via a request with an appended dot character.

CVSS Score: 5.0Access Vector: NETWORK
Exploit Score: 10.0Access Complexity: LOW
Impact Score: 2.9Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: NONE
 Availability: NONE





Reference:
http://www.securityfocus.com/archive/1/archive/1/487686/100/200/threaded
http://www.securityfocus.com/archive/1/archive/1/487697/100/200/threaded
BID-27654
SREASON-4799
http://aluigi.altervista.org/adv/wsftpweblog-adv.txt
wsftpserver-wsftpsvr-info-disclosure(47677)

CPE    22
cpe:/a:ipswitch:ws_ftp:3.1.2
cpe:/a:ipswitch:ws_ftp:3.1.3
cpe:/a:ipswitch:ws_ftp:3.1.0
cpe:/a:ipswitch:ws_ftp:3.0.1
...
CWE    1
CWE-20

© 2013 SecPod Technologies