PT-2001-2571 · Imatix · Xitami

Published: 2001-12-31 · Updated: 2024-02-13 · CVE-2001-1481

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Xitami versions 2.4 through 2.5 b4

Description

The issue allows remote attackers to gain privileges because the Administrator password is stored in plaintext in the default.aut file. The file is world-readable by default, which exacerbates the problem.

Recommendations

For Xitami versions 2.4 through 2.5 b4, consider restricting access to the default.aut file to prevent unauthorized reading of the Administrator password. As a temporary workaround, change the permissions of the default.aut file so that it is no longer world-readable, until a more permanent solution is available. Restrict access to the Administrator account to minimize the risk of exploitation.
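
One way to apply the temporary workaround on a Unix host, as an added example that is not part of the original advisory or of Xitami itself. The install directory passed in XITAMI_ROOT and the function names are assumptions. The password stays in plaintext inside the file; this only narrows who can read it.

```sh
#!/bin/sh
# Added example: find world-readable default.aut files under a Xitami
# install directory and remove access for "other" users.

# Return 0 if the mode grants read access to "other", 1 if it does not,
# 2 if the file cannot be inspected.
is_world_readable() {
    # -L follows symlinks so the target's mode is what gets judged.
    perms=$(ls -ldL -- "$1" 2>/dev/null | cut -c1-10)
    [ -n "$perms" ] || return 2
    case "$perms" in
        ???????r??) return 0 ;;   # 8th character is the other-read bit
        *)          return 1 ;;
    esac
}

# Print every default.aut under the given root that is world-readable.
# Assumes file names contain no newline characters.
list_world_readable() {
    find "$1" -type f -name default.aut 2>/dev/null |
    while IFS= read -r f; do
        if is_world_readable "$f"; then printf '%s\n' "$f"; fi
    done
}

# Strip all "other" permissions from each exposed file and re-check it.
# Returns non-zero if any file is still world-readable afterwards.
harden_aut_files() {
    list_world_readable "$1" | (
        rc=0
        while IFS= read -r f; do
            if chmod o-rwx -- "$f" && ! is_world_readable "$f"; then
                printf 'tightened: %s\n' "$f"
            else
                printf 'FAILED: %s\n' "$f" >&2
                rc=1
            fi
        done
        exit "$rc"
    )
}

# XITAMI_ROOT is an assumed variable; set it to the real install path.
if [ -n "${XITAMI_ROOT:-}" ]; then
    harden_aut_files "$XITAMI_ROOT"
fi
```

Run `list_world_readable` on its own first to audit without changing anything. The account Xitami runs as must still be able to read the file after the change.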

Exploit

Fix

Weakness Enumeration

Cleartext Storage of Sensitive Information

Related Identifiers

CVE-2001-1481

Affected Products

Xitami