PT-2001-2254 · Eftp · Eftp

Publicado

2001-09-12

Atualizado

2017-12-19

CVE-2001-1111

CVSS v2.0

4.6

Média

Vetor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions EFTP version 2.0.7.337

Description The issue concerns the storage of user passwords in plaintext. Specifically, user passwords are stored in plaintext in the eftp2users.dat file.

Recommendations For EFTP version 2.0.7.337, consider updating the software to a version that securely stores user passwords, or as a temporary workaround, restrict access to the eftp2users.dat file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2001-1111

Produtos afetados

Eftp

PT-2001-2254 · Eftp · Eftp

CVE-2001-1111

Identificadores relacionados

Produtos afetados

Referências · 4