Vulnerabilities > CVE-2006-6949 - Insecure Default Accounts and Directory Traversal vulnerability in Conti Ftpserver 1.0Build2.8

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

conti

NVD

Published: 2007-01-23

Updated: 2017-07-29

Summary

Conti FTPServer 1.0 Build 2.8 stores user passwords in cleartext in MyServerSettings.ini, which allows local users to obtain sensitive information by reading this file.

Vulnerable Configurations

Part	Description	Count
Application	Conti Conti Ftpserver 1.0_Build_2.8	1

References

http://secunia.com/advisories/23030
http://secwatch.org/advisories/1016194/
http://www.securityfocus.com/bid/21174
http://www.vupen.com/english/advisories/2006/4605
https://exchange.xforce.ibmcloud.com/vulnerabilities/30412