CVE-1999-1354

Name of the Vulnerable Software and Affected Versions: Softarc FirstClass Internet Server versions 5.506 and earlier

Description: The e-mail client in the affected software stores usernames and passwords in cleartext in various files, including home.fc for version 5.506, network.fc for version 3.5, or FCCLIENT.LOG when logging is enabled.

Recommendations: For Softarc FirstClass Internet Server versions 5.506 and earlier, consider disabling the storage of usernames and passwords in cleartext as a temporary workaround until a patch is available. Restrict access to the files home.fc, network.fc, and FCCLIENT.LOG to minimize the risk of exploitation. Avoid using the logging feature until the issue is resolved.