CVE-2008-5693

EUVD-2008-5664
Ipswitch WS_FTP Server Manager 6.1.0.0 and earlier, and possibly other Ipswitch products, might allow remote attackers to read the contents of custom ASP files in WSFTPSVR/ via a request with an appended dot character.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 27%
Affected Products (NVD)
VendorProductVersion
ipswitchws_ftp
𝑥
≤ 6.1
ipswitchws_ftp
1.0.5
ipswitchws_ftp
2.01
ipswitchws_ftp
2.02
ipswitchws_ftp
2.03
ipswitchws_ftp
3.0
ipswitchws_ftp
3.0.1
ipswitchws_ftp
3.1.0
ipswitchws_ftp
3.1.1
ipswitchws_ftp
3.1.2
ipswitchws_ftp
3.1.3
ipswitchws_ftp
3.14
ipswitchws_ftp
4.00
ipswitchws_ftp
4.01
ipswitchws_ftp
4.02
ipswitchws_ftp
5.00
ipswitchws_ftp
5.01
ipswitchws_ftp
5.02
ipswitchws_ftp
5.03
ipswitchws_ftp
5.04
ipswitchws_ftp
5.05
ipswitchws_ftp
6.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://aluigi.altervista.org/adv/wsftpweblog-adv.txt
http://securityreason.com/securityalert/4799
http://www.securityfocus.com/archive/1/487686/100/200/threaded
http://www.securityfocus.com/archive/1/487697/100/200/threaded
http://www.securityfocus.com/bid/27654
https://exchange.xforce.ibmcloud.com/vulnerabilities/47677
http://aluigi.altervista.org/adv/wsftpweblog-adv.txt
http://securityreason.com/securityalert/4799
http://www.securityfocus.com/archive/1/487686/100/200/threaded
http://www.securityfocus.com/archive/1/487697/100/200/threaded
http://www.securityfocus.com/bid/27654
https://exchange.xforce.ibmcloud.com/vulnerabilities/47677