Ipswitch WS_FTP Server Manager /WSFTPSVR/FTPLogServer/LogViewer.asp Authentication Bypass

medium Nessus Plugin ID 30208

Synopsis

The remote web server is affected by an authentication bypass vulnerability.

Description

The remote host is running WS_FTP Server Manager, also known as WS_FTP WebService, a web-based administration tool included, for example, with Ipswitch WS_FTP Server.

The version of WS_FTP Server Manager installed on the remote host allows an attacker to bypass authentication and gain access to ASP scripts in the '/WSFTPSVR/FTPLogServer' folder by first calling the login script to obtain a session cookie. By leveraging this issue, an attacker can view log entries collected by the Logger Server, which may contain sensitive information. The attacker cannot, however, otherwise gain administrative control of the affected application.

Solution

Upgrade to WS_FTP Server Manager 6.1.1 or later.

See Also

http://aluigi.altervista.org/adv/wsftpweblog-adv.txt

https://seclists.org/bugtraq/2008/Feb/56

https://seclists.org/bugtraq/2008/Feb/67

https://docs.ipswitch.com/WS_FTP_Server611/ReleaseNotes/index.htm

Plugin Details

Severity: Medium

ID: 30208

File Name: ipswitch_wsftpwebservice_auth_bypass.nasl

Version: 1.19

Type: remote

Family: CGI abuses

Published: 2/8/2008

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.8

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:ipswitch:ws_ftp

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

CVE: CVE-2008-5692

BID: 27654

CWE: 287

Secunia: 28822