RSS   Vulnerabilities for 'Auto ftp'   RSS

CVE-1999-1345 script in Auto_FTP 0.2 uses the /tmp/ftp_tmp as a shared directory with insecure permissions, which allows local users to (1) send arbitrary files to the remote server by placing them in the directory, and (2) view files that are being transferred.

CVE-1999-1344 script in Auto_FTP 0.2 stores usernames and passwords in plaintext in the auto_ftp.conf configuration file.


Copyright 2018,


Back to Top