CVE-2005-1092

CVE-2005-1092

EPSS 0.9%

Lightspeed DeluxeFTP 6.01 stores usernames and passwords in plaintext in sites.xml, which is world-readable, which allows local users to gain privileges.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://lostmon.blogspot.com/2005/04/deluxeftp-plain-text-passwords.html http://secunia.com/advisories/14923 http://www.osvdb.org/15421 http://www.securityfocus.com/bid/13105