PeerFTP_5 Insecure Password Storage Vulnerability
BID:12670
Info
PeerFTP_5 Insecure Password Storage Vulnerability
| Bugtraq ID: | 12670 |
| Class: | Configuration Error |
| CVE: |
CVE-2005-0517 |
| Remote: | No |
| Local: | Yes |
| Published: | Feb 26 2005 12:00AM |
| Updated: | Jul 12 2009 10:56AM |
| Credit: | [email protected] is credited with the discovery of this issue. |
| Vulnerable: |
PeerFTP_5 PeerFTP_5 |
| Not Vulnerable: | |
Discussion
PeerFTP_5 Insecure Password Storage Vulnerability
A local insecure password storage vulnerability affects PeerFTP_5. This issue is due to a failure of the application to store password with secure permissions by default.
A local attacker may leverage this issue to gain access to authentication credentials for FTP user accounts, facilitating unauthorized access.
A local insecure password storage vulnerability affects PeerFTP_5. This issue is due to a failure of the application to store password with secure permissions by default.
A local attacker may leverage this issue to gain access to authentication credentials for FTP user accounts, facilitating unauthorized access.
Exploit / POC
PeerFTP_5 Insecure Password Storage Vulnerability
No exploit is required to leverage this issue.
No exploit is required to leverage this issue.
Solution / Fix
PeerFTP_5 Insecure Password Storage Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.