Vulnerabilities > CVE-2003-0342 - Local Security vulnerability in Selom Ofori Blackmoon FTP Server 2.6

047910
CVSS 4.6 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
local
low complexity
selom-ofori
nessus

Summary

BlackMoon FTP Server 2.6 Free Edition, and possibly other distributions and versions, stores user names and passwords in plaintext in the blackmoon.mdb file, which can allow local users to gain privileges.

Vulnerable Configurations

Part Description Count
Application
Selom_Ofori
1

Nessus

NASL familyWindows
NASL idBLACKMOON_FTP_USERS_DATABASE.NASL
descriptionBlackMoon FTP server is installed on the remote host. FTP usernames and passwords are stored on the server in plaintext in a filed called
last seen2020-06-01
modified2020-06-02
plugin id11649
published2003-05-27
reporterThis script is Copyright (C) 2003-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/11649
titleBlackMoon FTP Server blackmoon.mdb Plaintext Password Disclosure