Vulnerabilities > CVE-2001-0768 - Unspecified vulnerability in Steve Poulsen Guildftpd 0.9.7

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

steve-poulsen

NVD

Published: 2001-10-18

Updated: 2017-12-19

Summary

GuildFTPd 0.9.7 stores user names and passwords in plaintext in the default.usr file, which allows local users to gain privileges as other FTP users by reading the file.

Vulnerable Configurations

Part	Description	Count
Application	Steve_Poulsen Steve Poulsen Guildftpd 0.9.7	1

References

http://archives.neohapsis.com/archives/bugtraq/2001-05/0250.html
http://www.securityfocus.com/bid/2792
https://exchange.xforce.ibmcloud.com/vulnerabilities/6611