Lucene search

MitreCVE-2001-0768

HistoryOct 18, 2001 - 4:00 a.m.

CVE-2001-0768

2001-10-1804:00:00

mitre

web.nvd.nist.gov

cve-2001-0768

guildftpd 0.9.7

plaintext storage

local user

ftp

gain privileges

nvd.

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.9

Confidence

Low

EPSS

Percentile

5.1%

JSON

GuildFTPd 0.9.7 stores user names and passwords in plaintext in the default.usr file, which allows local users to gain privileges as other FTP users by reading the file.

Affected configurations

Nvd

Node

steve_poulsenguildftpdMatch0.9.7

VendorProductVersionCPE
steve_poulsenguildftpd0.9.7cpe:2.3:a:steve_poulsen:guildftpd:0.9.7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
steve_poulsen	guildftpd	0.9.7	cpe:2.3:a:steve_poulsen:guildftpd:0.9.7:::::::*

References

archives.neohapsis.com/archives/bugtraq/2001-05/0250.html

www.securityfocus.com/bid/2792

exchange.xforce.ibmcloud.com/vulnerabilities/6611

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.9

Confidence

Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2001-0768