FTP client in Midnight Commander (mc) before 4.5.11 stores usernames and passwords for visited sites in plaintext in the world-readable history file, which allows other local users to gain privileges.
References
Configurations
History
20 Nov 2024, 23:30
Type | Values Removed | Values Added |
---|---|---|
References | () http://marc.info/?l=bugtraq&m=93370073207984&w=2 - | |
References | () http://www.iss.net/security_center/static/9873.php - | |
References | () http://www.osvdb.org/5921 - |
Information
Published : 1999-08-01 04:00
Updated : 2024-11-20 23:30
NVD link : CVE-1999-1337
Mitre link : CVE-1999-1337
CVE.ORG link : CVE-1999-1337
JSON object : View
Products Affected
midnight_commander
- midnight_commander
CWE