Moole Vulnerability Database

Find real vulnerabilities before they ship

Unknown

CVE-1999-1475

ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command.

PublishedNov 19, 1999, 05:00

Published Bycve@mitre.org

Affected Versions

No affected versions found.

References

http://www.securityfocus.com/archive/1/35483
http://www.securityfocus.com/bid/812

Weakness Type

NVD-CWE-Other

CVSS Metrics

Base Score

4.6

Vector String

AV:L/AC:L/Au:N/C:P/I:P/A:P

Base SeverityUnknown

Version

2.0

Attack Vector (AV)