CVE-2005-1092

CVE-2005-1092

EPSS 0.9%

Lightspeed DeluxeFTP 6.01 stores usernames and passwords in plaintext in sites.xml, which is world-readable, which allows local users to gain privileges.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://lostmon.blogspot.com/2005/04/deluxeftp-plain-text-passwords.html http://secunia.com/advisories/14923 http://www.osvdb.org/15421 http://www.securityfocus.com/bid/13105