Ipswitch WS_FTP Server < 6.1.1 Multiple Vulnerabilities

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.

Synopsis :

The remote FTP server is affected by multiple vulnerabilities.

Description :

The remote host is running a version of WS_FTP earlier than 6.1.1.
Such versions are reportedly affected by multiple vulnerabilities :

- Improper handling of UDP packets within the FTP log
server may allow an attacker to crash the affected
service. (CVE-2008-0608)

- There is a buffer overflow vulnerability in the SSH
Server service that can be triggered when handling
arguments to the 'opendir' command. (CVE-2008-0590)

- An attacker can exploit a vulnerability in the
'FTPLogServer/LogViewer.asp' script to gain access to
the log viewing interface. (CVE-2008-5692)

See also :


Solution :

Upgrade to WS_FTP Server 6.1.1 or later.

Risk factor :

High / CVSS Base Score : 9.0
CVSS Temporal Score : 7.0
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 40771 ()

Bugtraq ID: 27573

CVE ID: CVE-2008-0590

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now