Vulnerabilities > CVE-1999-1337 - Unspecified vulnerability in Midnight Commander Midnight Commander

047910
CVSS 4.6 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
local
low complexity
midnight-commander

Summary

FTP client in Midnight Commander (mc) before 4.5.11 stores usernames and passwords for visited sites in plaintext in the world-readable history file, which allows other local users to gain privileges.

Vulnerable Configurations

Part Description Count
Application
Midnight_Commander
1