PT-2005-5440 · Tashcom · Tashcom Aspedit

Basher13

Published

2005-12-31

Updated

2008-09-05

CVE-2005-4777

CVSS v2.0

4.9

Medium

Vector

AV:L/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions Tashcom ASPEdit version 2.9

Description The issue allows local users to potentially view the administration password, also known as the FTP password, as it is stored in cleartext in the registry.

Recommendations For Tashcom ASPEdit version 2.9, consider changing the administration password and storing it securely to prevent unauthorized access. As a temporary workaround, restrict local access to the system to minimize the risk of password exposure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-4777

Affected Products

Tashcom Aspedit

PT-2005-5440 · Tashcom · Tashcom Aspedit

CVE-2005-4777

Related Identifiers

Affected Products

References · 5