PT-2002-1334 · Powerftp · Powerftp Personal Ftp Server

Published

2002-05-03

Updated

2016-10-18

CVE-2002-0264

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions PowerFTP Personal FTP Server versions 2.03 through 2.10

Description The issue concerns the storage of sensitive account information in plaintext within the ftpserver.ini file. This allows attackers who gain access to the file to obtain privileges.

Recommendations For PowerFTP Personal FTP Server versions 2.03 through 2.10, consider restricting access to the ftpserver.ini file to minimize the risk of exploitation. Additionally, avoid storing sensitive account information in plaintext to reduce the potential impact of this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-0264

Affected Products

Powerftp Personal Ftp Server

PT-2002-1334 · Powerftp · Powerftp Personal Ftp Server

CVE-2002-0264

Related Identifiers

Affected Products

References · 4