BlackMoon FTP Server blackmoon.mdb Plaintext Password Disclosure

This script is Copyright (C) 2003-2015 Tenable Network Security, Inc.

Synopsis :

The remote FTP server is affected by a password disclosure

Description :

BlackMoon FTP server is installed on the remote host. FTP usernames
and passwords are stored on the server in plaintext in a filed called
'blackmoon.mdb.' Any user with an account on this host may read the
credentials stored in this file, and use them to connect to this FTP

See also :

Solution :

Upgrade to the latest version of BlackMoon FTP.

Risk factor :

Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 4.3
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 11649 (blackmoon_ftp_users_database.nasl)

Bugtraq ID: 7646

CVE ID: CVE-2003-0342

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now