Cerberus FTP Server 6.x < 184.108.40.206 / 7.x < 220.127.116.11 SSH FTP Account Enumeration
Medium Nessus Plugin ID 76459
SynopsisThe FTP server installed on the remote Windows host is affected by an unauthorized information disclosure vulnerability.
DescriptionThe version of Cerberus FTP Server on the remote host is version 6.x prior to 18.104.22.168 or version 7.x prior to 22.214.171.124. It is, therefore, affected by an unauthorized information disclosure vulnerability.
A remote attacker can enumerate user accounts via an analysis of responses from the SSH FTP service.
SolutionUpgrade to Cerberus FTP Server 126.96.36.199 / 188.8.131.52 or later.