CVE-2008-5692

CVE-2008-5692 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Ipswitch WS_FTP Server Manager before 6.1.1, and possibly other Ipswitch products, allows remote attackers to bypass authentication and read logs via a logLogout action to FTPLogServer/login.asp followed by a request to FTPLogServer/LogViewer.asp with the localhostnull account name.

Learn more about our Cis Benchmark Audit For Server Software.