CVE-2002-1939

Sažetak

FlashFXP 1.4 prints FTP passwords in plaintext when there are transfers in the queue, which allows attackers to obtain FTP passwords of other users by editing the queue properties.

Reference

http://online.securityfocus.com/archive/1/296658
http://www.iss.net/security_center/static/10445.php
http://www.securityfocus.com/bid/6032

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

05-09-2008 - 20:31

Objavljeno

31-12-2002 - 05:00