PT-2005-3610 · Unknown · Home Ftp Server

Donato Ferrante

Published

2005-08-29

Updated

2017-07-11

CVE-2005-2727

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Home Ftp Server version 1.0.7

Description The issue allows remote authenticated users to obtain sensitive information. This is possible because sensitive user and server information is stored in the same directory as the user's home directory. Specifically, users can access ftpmembers.lst and ftpsettings.lst to gain sensitive information.

Recommendations For Home Ftp Server version 1.0.7, consider restricting access to the sensitive files ftpmembers.lst and ftpsettings.lst to prevent unauthorized users from obtaining sensitive information. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-2727

Affected Products

Home Ftp Server

PT-2005-3610 · Unknown · Home Ftp Server

CVE-2005-2727

Related Identifiers

Affected Products

References · 5