PT-1999-1665 · Auto Ftp · Auto Ftp

Published

1999-10-05

Updated

2016-10-18

CVE-1999-1344

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Auto FTP version 0.2

Description: The issue concerns the storage of sensitive information in plaintext. Specifically, the Auto FTP.pl script in Auto FTP stores usernames and passwords in plaintext in the auto ftp.conf configuration file.

Recommendations: For Auto FTP version 0.2, consider modifying the script to store usernames and passwords securely, such as using encryption, to prevent unauthorized access to sensitive information. As a temporary workaround, restrict access to the auto ftp.conf configuration file to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-1344

Affected Products

Auto Ftp

PT-1999-1665 · Auto Ftp · Auto Ftp

CVE-1999-1344

Related Identifiers

Affected Products

References · 2