Ipswitch WS_FTP Server < 6.1.1 Multiple Vulnerabilities (uncredentialed check)

This script is Copyright (C) 2009-2012 Tenable Network Security, Inc.


Synopsis :

The remote FTP server is affected by multiple vulnerabilities.

Description :

According to its banner, the remote host is running a version of
WS_FTP earlier than 6.1.1. Such versions are reportedly affected by
multiple vulnerabilities :

- Improper handling of UDP packets within the FTP log
server may allow an attacker to crash the affected
service. (CVE-2008-0608)

- There is a buffer overflow vulnerability in the SSH
Server service that can be triggered when handling
arguments to the 'opendir' command. (CVE-2008-0590)

- An attacker can exploit a vulnerability in the
'FTPLogServer/LogViewer.asp' script to gain access to
the log viewing interface. (CVE-2008-5692)

See also :

http://www.ipswitchft.com/support/ws_ftp_server/releases/wr611.asp
http://www.securityfocus.com/archive/1/487506/30/0/threaded
http://www.securityfocus.com/archive/1/487441/30/0/threaded

Solution :

Upgrade to WS_FTP Server 6.1.1 or later.

Risk factor :

High / CVSS Base Score : 9.0
(CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS Temporal Score : 7.0
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 40772

Bugtraq ID: 27573, 27612, 27654

CVE ID: CVE-2008-0590, CVE-2008-0608, CVE-2008-5692, CVE-2008-5693