Ipswitch WS_FTP Server < 6.1.1 Multiple Vulnerabilities (uncredentialed check)

high Nessus Plugin ID 40772

Synopsis

The remote FTP server is affected by multiple vulnerabilities.

Description

According to its banner, the remote host is running a version of WS_FTP earlier than 6.1.1. Such versions are reportedly affected by multiple vulnerabilities:

- Improper handling of UDP packets within the FTP log server may allow an attacker to crash the affected service. (CVE-2008-0608)

- There is a buffer overflow vulnerability in the SSH Server service that can be triggered when handling arguments to the 'opendir' command. (CVE-2008-0590)

- An attacker can exploit a vulnerability in the 'FTPLogServer/LogViewer.asp' script to gain access to the log viewing interface. (CVE-2008-5692)

Solution

Upgrade to WS_FTP Server 6.1.1 or later.

See Also

https://www.securityfocus.com/archive/1/487506/30/0/threaded

https://www.securityfocus.com/archive/1/487441/30/0/threaded

http://www.ipswitchft.com/support/ws_ftp_server/releases/wr611.asp

Plugin Details

Severity: High

ID: 40772

File Name: ws_ftp_server_611_banner.nasl

Version: 1.14

Type: remote

Family: FTP

Published: 8/24/2009

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 7

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:ipswitch:ws_ftp

Required KB Items: ftp/wsftp

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/20/2008

Vulnerability Publication Date: 2/4/2008

Reference Information

CVE: CVE-2008-0590, CVE-2008-0608, CVE-2008-5692, CVE-2008-5693

BID: 27573, 27612, 27654

CWE: 119, 20, 287

Secunia: 28753, 28761, 28822