CVE-1999-1337

FTP client in Midnight Commander (mc) before 4.5.11 stores usernames and passwords for visited sites in plaintext in the world-readable history file, which allows other local users to gain privileges.
Configurations

Configuration 1 (hide)

cpe:2.3:a:midnight_commander:midnight_commander:*:*:*:*:*:*:*:*

History

20 Nov 2024, 23:30

Type Values Removed Values Added
References () http://marc.info/?l=bugtraq&m=93370073207984&w=2 - () http://marc.info/?l=bugtraq&m=93370073207984&w=2 -
References () http://www.iss.net/security_center/static/9873.php - () http://www.iss.net/security_center/static/9873.php -
References () http://www.osvdb.org/5921 - () http://www.osvdb.org/5921 -

Information

Published : 1999-08-01 04:00

Updated : 2024-11-20 23:30


NVD link : CVE-1999-1337

Mitre link : CVE-1999-1337

CVE.ORG link : CVE-1999-1337


JSON object : View

Products Affected

midnight_commander

  • midnight_commander