PT-2001-2254 · Eftp · Eftp

Published

2001-09-12

Updated

2017-12-19

CVE-2001-1111

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions EFTP version 2.0.7.337

Description The issue concerns the storage of user passwords in plaintext. Specifically, user passwords are stored in plaintext in the eftp2users.dat file.

Recommendations For EFTP version 2.0.7.337, consider updating the software to a version that securely stores user passwords, or as a temporary workaround, restrict access to the eftp2users.dat file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-1111

Affected Products

Eftp

PT-2001-2254 · Eftp · Eftp

CVE-2001-1111

Related Identifiers

Affected Products

References · 4