CVE-2005-1092

CVE-2005-1092

EPSS 0.9%

Lightspeed DeluxeFTP 6.01 stores usernames and passwords in plaintext in sites.xml, which is world-readable, which allows local users to gain privileges.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://lostmon.blogspot.com/2005/04/deluxeftp-plain-text-passwords.html http://secunia.com/advisories/14923 http://www.osvdb.org/15421 http://www.securityfocus.com/bid/13105