CVE-2008-0604 — MEDIUM (6.8)

Q: How severe is CVE-2008-0604?

CVE-2008-0604 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2008-0604?

Check the references section above for vendor advisories and patch information. Affected products include: Xlight Ftp Server Xlight Ftp Server.

Vulnerability Description

The LDAP authentication feature in XLight FTP Server before 2.83, when used with some unspecified LDAP servers, does not check for blank passwords, which allows remote attackers to bypass intended access restrictions.

CVSS Score

6.8

MEDIUM

AV:N/AC:M/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Xlight Ftp Server	Xlight Ftp Server	<= 2.82

Related Weaknesses (CWE)

CWE-255

References

FAQ

What is CVE-2008-0604?

CVE-2008-0604 is a vulnerability with a CVSS score of 6.8 (MEDIUM). The LDAP authentication feature in XLight FTP Server before 2.83, when used with some unspecified LDAP servers, does not check for blank passwords, which allows remote attackers to bypass intended acc...

How severe is CVE-2008-0604?

CVE-2008-0604 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2008-0604?

Check the references section above for vendor advisories and patch information. Affected products include: Xlight Ftp Server Xlight Ftp Server.