|
|
CVE Reference: CVE-2008-5692 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-5692 |
|
|
Description: Ipswitch WS_FTP Server Manager before 6.1.1, and possibly other Ipswitch products, allows remote attackers to bypass authentication and read logs via a logLogout action to FTPLogServer/login.asp followed by a request to FTPLogServer/LogViewer.asp with the localhostnull account name. |
|
|
CVE Status: Candidate |
|
|
References: SREASON http://securityreason.com/securityalert/4799 SAID Secunia Advisory: SA28822 MISC http://aluigi.altervista.org/adv/wsftpweblog-adv.txt CONFIRM http://docs.ipswitch.com/WS_FTP_Server611/ReleaseNotes/index.htm?k_id=ipswitch_ftp_documents_worldwide_ws_ftpserverv611releasenotes#link12 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/487697/100/200/threaded http://www.securityfocus.com/archive/1/archive/1/487686/100/200/threaded BID 27654 |
|
| Return to the previous page. |
