Cerberus FTP Server 6.x < 126.96.36.199 / 7.x < 188.8.131.52 SSH FTP Account Enumeration
Medium Nessus Plugin ID 76459
SynopsisThe FTP server installed on the remote Windows host is affected by an unauthorized information disclosure vulnerability.
DescriptionThe version of Cerberus FTP Server on the remote host is version 6.x prior to 184.108.40.206 or version 7.x prior to 220.127.116.11. It is, therefore, affected by an unauthorized information disclosure vulnerability.
A remote attacker can enumerate user accounts via an analysis of responses from the SSH FTP service.
SolutionUpgrade to Cerberus FTP Server 18.104.22.168 / 22.214.171.124 or later.