Exce

Name of the Vulnerable Software and Affected Versions: BlackMoon FTP Server version 2.6 Free Edition Description: The issue allows remote attackers to more easily conduct brute force attacks because the software generates an "Account does not exist" error message when an invalid username is entered. Recommendations: For version 2.6 Free Edition, consider modifying the error message handling to prevent disclosure of account existence information, or apply alternative security measures to mitigate brute force attacks.

Name of the Vulnerable Software and Affected Versions: BlackMoon FTP Server version 2.6 Free Edition Description: The issue allows local users to gain privileges by accessing user names and passwords stored in plaintext in the blackmoon.mdb file. Recommendations: For BlackMoon FTP Server version 2.6 Free Edition, consider restricting access to the blackmoon.mdb file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.