Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-1475


Vulnerability Score 4.6 4.6
CVE Id CVE-1999-1475
Last Modified 05 Sep 2008 04:19:36
Published 19 Nov 1999 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE



ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command.

Vulnerable Systems


  • Proftpd Project Proftpd 1.2


BID - 812

BUGTRAQ - 19991119 ProFTPd - mod_sqlpw.c

Last Updated: 27 May 2016 10:35:26