Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-1337


Vulnerability Score 4.6 4.6
CVE Id CVE-1999-1337
Last Modified 10 Sep 2008 03:01:44
Published 01 Aug 1999 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE



FTP client in Midnight Commander (mc) before 4.5.11 stores usernames and passwords for visited sites in plaintext in the world-readable history file, which allows other local users to gain privileges.

Vulnerable Systems


  • Midnight Commander 4.5.11


BUGTRAQ - 19990801 midnight commander vulnerability(?) (fwd)

OSVDB - 5921

XF - midnight-commander-data-disclosure(9873)

Last Updated: 27 May 2016 10:35:23