Lucene search

[email protected]CVE-2002-0264

HistoryMay 29, 2002 - 4:00 a.m.

CVE-2002-0264

2002-05-2904:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

powerftp

plaintext storage

sensitive information

ftp server

access

privileges

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.026 Low

EPSS

Percentile

90.1%

JSON

PowerFTP Personal FTP Server 2.03 through 2.10 stores sensitive account information in plaintext in the ftpserver.ini file, which allows attackers with access to the file to gain privileges.

CPENameOperatorVersion
cooolsoft:powerftpcooolsoft powerftpeq2.03
cooolsoft:powerftpcooolsoft powerftpeq2.10

CPE	Name	Operator	Version
cooolsoft:powerftp	cooolsoft powerftp	eq	2.03
cooolsoft:powerftp	cooolsoft powerftp	eq	2.10

References

marc.info/?l=bugtraq&m=101361745222207&w=2

www.iss.net/security_center/static/8183.php

www.securityfocus.com/bid/4074

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.026 Low

EPSS

Percentile

90.1%

JSON