CVE-2004-1428

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

ArGoSoft FTP before 1.4.2.1 generates an error message if the user name does not exist instead of prompting for a password, which allows remote attackers to determine valid usernames.

Ссылки

http://marc.info/?l=bugtraq&m=110451582011666&w=2
Third Party Advisory
http://secunia.com/advisories/13063
Broken Link
http://securitytracker.com/id?1012744
Broken Link
Third Party Advisory
VDB Entry
http://www.argosoft.com/ftpserver/changelist.aspx
Broken Link
http://www.lovebug.org/argosoft_advisory.txt
Broken Link
URL Repurposed
http://www.osvdb.org/11335
Broken Link
http://www.securityfocus.com/bid/12139
Broken Link
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/18721
Third Party Advisory
VDB Entry
http://marc.info/?l=bugtraq&m=110451582011666&w=2
Third Party Advisory
http://secunia.com/advisories/13063
Broken Link
http://securitytracker.com/id?1012744
Broken Link
Third Party Advisory
VDB Entry
http://www.argosoft.com/ftpserver/changelist.aspx
Broken Link
http://www.lovebug.org/argosoft_advisory.txt
Broken Link
URL Repurposed
http://www.osvdb.org/11335
Broken Link
http://www.securityfocus.com/bid/12139
Broken Link
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/18721
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:argosoft:ftp_server:*:*:*:*:*:*:*:*

Версия до 1.4.2.1 (исключая)

EPSS

Процентиль: 77%

0.01097

Низкий

5 Medium

CVSS2

Дефекты

CWE-203

Связанные уязвимости

GHSA-6v23-8229-rc5j

github

больше 3 лет назад