Floosietek FTGate Mail Server Vulnerability
BID:1397
Info
Floosietek FTGate Mail Server Vulnerability
| Bugtraq ID: | 1397 |
| Class: | Configuration Error |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Jun 27 2000 12:00AM |
| Updated: | Jun 27 2000 12:00AM |
| Credit: | Discovered by and posted to Bugtraq on June 27, 2000 by Andrew Lewis <[email protected]>. |
| Vulnerable: |
Floosietek FTGate 2.2 |
| Not Vulnerable: | |
Discussion
Floosietek FTGate Mail Server Vulnerability
If invalid user login information is requested the FTGate mail server will display an error message but never drop the connection. This enables an attacker to bruteforce usernames and passwords.
If invalid user login information is requested the FTGate mail server will display an error message but never drop the connection. This enables an attacker to bruteforce usernames and passwords.
Exploit / POC
Floosietek FTGate Mail Server Vulnerability
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Floosietek FTGate Mail Server Vulnerability
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].