Описание
The PSFTPd 10.0.4 Build 729 server stores its configuration inside PSFTPd.dat. This file is a Microsoft Access Database and can be extracted. The application sets the encrypt flag with the password "ITsILLEGAL"; however, this password is not required to extract the data. Cleartext is used for a user password.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:psftp:psftpd:10.0.4:*:*:*:*:*:*:*
EPSS
Процентиль: 20%
0.00065
Низкий
5.3 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-287
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
The PSFTPd 10.0.4 Build 729 server stores its configuration inside PSFTPd.dat. This file is a Microsoft Access Database and can be extracted. The application sets the encrypt flag with the password "ITsILLEGAL"; however, this password is not required to extract the data. Cleartext is used for a user password.
EPSS
Процентиль: 20%
0.00065
Низкий
5.3 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-287