Ipswitch WS_FTP Server < 6.1.1 Multiple Vulnerabilities (uncredentialed check)

This script is Copyright (C) 2009-2012 Tenable Network Security, Inc.

Synopsis :

The remote FTP server is affected by multiple vulnerabilities.

Description :

According to its banner, the remote host is running a version of
WS_FTP earlier than 6.1.1. Such versions are reportedly affected by
multiple vulnerabilities :

- Improper handling of UDP packets within the FTP log
server may allow an attacker to crash the affected
service. (CVE-2008-0608)

- There is a buffer overflow vulnerability in the SSH
Server service that can be triggered when handling
arguments to the 'opendir' command. (CVE-2008-0590)

- An attacker can exploit a vulnerability in the
'FTPLogServer/LogViewer.asp' script to gain access to
the log viewing interface. (CVE-2008-5692)

See also :


Solution :

Upgrade to WS_FTP Server 6.1.1 or later.

Risk factor :

High / CVSS Base Score : 9.0
CVSS Temporal Score : 7.0
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 40772 ()

Bugtraq ID: 27573

CVE ID: CVE-2008-0590

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial