CVE-2008-5693 Information

Description

Ipswitch WS_FTP Server Manager 6.1.0.0 and earlier and possibly other Ipswitch products might allow remote attackers to read the contents of custom ASP files in WSFTPSVR/ via a request with an appended dot character.

Reference

http://aluigi.altervista.org/adv/wsftpweblog-adv.txt http://securityreason.com/securityalert/4799 http://www.securityfocus.com/archive/1/487686/100/200/threaded http://www.securityfocus.com/archive/1/487697/100/200/threaded http://www.securityfocus.com/bid/27654 https://exchange.xforce.ibmcloud.com/vulnerabilities/47677