CVE-2005-2727

medium

Description

Home Ftp Server 1.0.7 stores sensitive user information and server information in the same directory as the user's home directory, which allows remote authenticated users to obtain sensitive information by obtaining ftpmembers.lst and ftpsettings.lst.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/22002

http://www.securityfocus.com/bid/14653

http://www.autistici.org/fdonato/advisory/HomeFtpServer1.0.7-adv.txt

http://marc.info/?l=bugtraq&m=112490496918102&w=2

Details

Source: Mitre, NVD

Published: 2005-08-30

Updated: 2017-07-11

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium