CVE-2002-1939

2022-10-0316:23:46

mitre

www.cve.org

flashfxp

plaintext

ftp

vulnerability

passwords

transfers

queue properties

attackers

obtain

6.4 Medium

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

17.2%

JSON

FlashFXP 1.4 prints FTP passwords in plaintext when there are transfers in the queue, which allows attackers to obtain FTP passwords of other users by editing the queue properties.

References

online.securityfocus.com/archive/1/296658

www.iss.net/security_center/static/10445.php

www.securityfocus.com/bid/6032