Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4066

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2005-4066
Last Modified 07 Mar 2011 12:00:00
Published 07 Dec 2005 06:03:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-4066

Summary

Total Commander 6.53 uses weak encryption to store FTP usernames and passwords in WCX_FTP.INI, which allows local users to decrypt the passwords and gain access to FTP servers, as possibly demonstrated by the W32.Gudeb worm.

Vulnerable Systems

Application

  • Christian Ghisler Total Commander 6.53


References

XF - totalcommander-ftp-weak-encryption(23497)

VUPEN - ADV-2005-2780

MISC - http://www.networksecurity.fi/advisories/total-commander.html

SECTRACK - 1015311


Last Updated: 27 May 2016 10:41:10