Vulnerabilities > CVE-2005-1094

047910
CVSS 4.6 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
local
low complexity
network-client-com
exploit available
NVD
Published: 2005-04-08
Updated: 2017-07-11

Summary

FTP Now 2.6.14 stores usernames and passwords in plaintext in sites.xml, which is world-readable, which allows local users to gain privileges.

Vulnerable Configurations

Part Description Count
Application
Network-Client.Com
1

Exploit-Db

descriptionFTP Now <= 2.6.14 Local Password Disclosure Exploit. CVE-2005-1094. Local exploit for windows platform
idEDB-ID:918
last seen2016-01-31
modified2005-04-06
published2005-04-06
reporterKozan
sourcehttps://www.exploit-db.com/download/918/
titleFTP Now <= 2.6.14 - Local Password Disclosure Exploit

References