CVE-2002-2417

2007-11-0117:00:00

mitre

www.cve.org

7.1 High

AI Score

Confidence

Low

0.047 Low

EPSS

Percentile

92.6%

JSON

acFTP 1.4 does not properly handle when an invalid password is provided by the user during authentication, which allows remote attackers to hide or misrepresent certain activity from log files and possibly gain privileges.

References

archives.neohapsis.com/archives/vulnwatch/2002-q4/0088.html

securityreason.com/securityalert/3334

www.iss.net/security_center/static/10681.php

www.securityfocus.com/archive/1/300929

www.securityfocus.com/bid/6235