FTP client in Midnight Commander (mc) before 4.5.11 stores usernames and passwords for visited sites in plaintext in the world-readable history file, which allows other local users to gain privileges.
References
Configurations
History
No history.
Information
Published : 1999-08-01 04:00
Updated : 2024-02-28 10:24
NVD link : CVE-1999-1337
Mitre link : CVE-1999-1337
CVE.ORG link : CVE-1999-1337
JSON object : View
Products Affected
midnight_commander
- midnight_commander
CWE