Detections
Analytics

FTPS Cleartext Fallback Security Bypass

medium Nessus Plugin ID 57272

Language:

Synopsis

The FTPS server on the remote host falls back to cleartext communication if SSL negotiations fail.

Description

The remote FTPS server running on the remote host is affected by a security bypass vulnerability due to accepting unencrypted commands if SSL negotiations fail. A man-in-the-middle attacker can exploit this to intercept credentials and modify files.

Solution

If using Serv-U, upgrade to version 11.1.0.3 or later. Otherwise, contact the vendor for a patch.

See Also

https://support.solarwinds.com/Success_Center/Serv-U_Managed_File_Transfer_Serv-U_FTP_Server/Serv-U_Documentation/release_notes

Plugin Details

Severity: Medium

ID: 57272

File Name: ftps_plaintext_fallback.nasl

Version: 1.7

Type: remote

Family: FTP

Published: 12/13/2011

Updated: 11/15/2018

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5.8

Temporal Score: 4.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

Vulnerability Information

CPE: cpe:/a:serv-u:serv-u

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/29/2011

Vulnerability Publication Date: 11/29/2011

Reference Information

BID: 50881