Cerberus FTP Server 6.x < 188.8.131.52 / 7.x < 184.108.40.206 SSH FTP Account Enumeration
Medium Nessus Plugin ID 76459
SynopsisThe FTP server installed on the remote Windows host is affected by an unauthorized information disclosure vulnerability.
DescriptionThe version of Cerberus FTP Server on the remote host is version 6.x prior to 220.127.116.11 or version 7.x prior to 18.104.22.168. It is, therefore, affected by an unauthorized information disclosure vulnerability.
A remote attacker can enumerate user accounts via an analysis of responses from the SSH FTP service.
SolutionUpgrade to Cerberus FTP Server 22.214.171.124 / 126.96.36.199 or later.