Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

WS_FTP Server < 6.1.1 Multiple Vulnerabilities

High

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

This host is running a vulnerable version of WS_FTP FTP server. Versions up to and including 6.1.0 are reported prone to multiple flaws:

- A vulnerability caused by an improper handling of UDP packets within the FTP log server. An attacker can exploit this to crash the affected service. (CVE-2008-0608)

- A buffer overflow vulnerability in the SSH server service when handling arguments to the 'opendir' command. (CVE-2008-0590)

- An information disclosure vulnerability when processing HTTP requests for the 'FTPLogServer/LogViewer.asp' script. An attacker can exploit this to gain access to the log viewing interface. (CVE-2008-5692)

Solution

Upgrade to version 6.1.1 or higher.