Cerberus FTP Server 6.x < 18.104.22.168 / 7.x < 22.214.171.124 SSH FTP Account Enumeration
Medium Nessus Plugin ID 76459
SynopsisThe FTP server installed on the remote Windows host is affected by an unauthorized information disclosure vulnerability.
DescriptionThe version of Cerberus FTP Server on the remote host is version 6.x prior to 126.96.36.199 or version 7.x prior to 188.8.131.52. It is, therefore, affected by an unauthorized information disclosure vulnerability.
A remote attacker can enumerate user accounts via an analysis of responses from the SSH FTP service.
SolutionUpgrade to Cerberus FTP Server 184.108.40.206 / 220.127.116.11 or later.