Intelligence Center » Browse All Vulnerabilities » CVE-1999-1475
Overview |
|
| Vulnerability Score |  4.6 |
| CVE Id | CVE-1999-1475 |
| Last Modified | 05 Sep 2008 04:19:36 |
| Published | 19 Nov 1999 12:00:00 |
| Confidentiality Impact | PARTIAL |
| Integrity Impact | PARTIAL |
| Availability Impact | PARTIAL |
| Access Vector | LOCAL |
| Access Complexity | LOW |
| Authentication | NONE |
CVE-1999-1475
Summary
ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command.
Vulnerable Systems
Application
Proftpd Project Proftpd 1.2
References
BID - 812
BUGTRAQ - 19991119 ProFTPd - mod_sqlpw.c
IT Risk Posture:
Free Risk Assessment Tools
Application Scanner
Find vulnerabilities on your network.
Device Scanner
Find vulnerabilities on your network.
Patch Scanner
Find vulnerabilities on your network.
Last Updated: 27 May 2016 10:35:26
