PT-2004-3293 · Wing Ftp · Winftp Server

Published

2004-12-31

·

Updated

2017-07-11

·

CVE-2004-2400

CVSS v2.0

2.1

Low

VectorAV:L/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions: WinFTP Server version 1.6
Description: The issue allows local users to gain access to credentials because they are stored in plaintext in the datauser.wfd file.
Recommendations: For WinFTP Server version 1.6, consider restricting access to the datauser.wfd file to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

CVE-2004-2400

Affected Products

Winftp Server