ArGoSoft FTP before 1.4.2.1 generates an error message if the user name does not exist instead of prompting for a password, which allows remote attackers to determine valid usernames.
References
Link | Resource |
---|---|
http://marc.info/?l=bugtraq&m=110451582011666&w=2 | Third Party Advisory |
http://secunia.com/advisories/13063 | Broken Link |
http://securitytracker.com/id?1012744 | Broken Link Third Party Advisory VDB Entry |
http://www.argosoft.com/ftpserver/changelist.aspx | Broken Link |
http://www.lovebug.org/argosoft_advisory.txt | Broken Link URL Repurposed |
http://www.osvdb.org/11335 | Broken Link |
http://www.securityfocus.com/bid/12139 | Broken Link Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/18721 | Third Party Advisory VDB Entry |
Configurations
History
14 Feb 2024, 01:17
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) http://www.lovebug.org/argosoft_advisory.txt - Broken Link, URL Repurposed |
13 Feb 2024, 20:01
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-203 | |
CPE | cpe:2.3:a:argosoft:ftp_server:1.4.1.4:*:*:*:*:*:*:* cpe:2.3:a:argosoft:ftp_server:1.4.1.3:*:*:*:*:*:*:* cpe:2.3:a:argosoft:ftp_server:1.4.1.5:*:*:*:*:*:*:* cpe:2.3:a:argosoft:ftp_server:1.4.1.8:*:*:*:*:*:*:* cpe:2.3:a:argosoft:ftp_server:1.4.1.6:*:*:*:*:*:*:* cpe:2.3:a:argosoft:ftp_server:1.4.1.7:*:*:*:*:*:*:* cpe:2.3:a:argosoft:ftp_server:1.4.2:*:*:*:*:*:*:* cpe:2.3:a:argosoft:ftp_server:1.4.1.9:*:*:*:*:*:*:* cpe:2.3:a:argosoft:ftp_server:1.4.1.2:*:*:*:*:*:*:* cpe:2.3:a:argosoft:ftp_server:1.4.1.1:*:*:*:*:*:*:* |
cpe:2.3:a:argosoft:ftp_server:*:*:*:*:*:*:*:* |
References | (OSVDB) http://www.osvdb.org/11335 - Broken Link | |
References | (MISC) http://www.lovebug.org/argosoft_advisory.txt - Broken Link | |
References | (BUGTRAQ) http://marc.info/?l=bugtraq&m=110451582011666&w=2 - Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/13063 - Broken Link | |
References | (BID) http://www.securityfocus.com/bid/12139 - Broken Link, Third Party Advisory, VDB Entry | |
References | (CONFIRM) http://www.argosoft.com/ftpserver/changelist.aspx - Broken Link | |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/18721 - Third Party Advisory, VDB Entry | |
References | (SECTRACK) http://securitytracker.com/id?1012744 - Broken Link, Third Party Advisory, VDB Entry |
Information
Published : 2004-12-31 05:00
Updated : 2024-02-28 10:24
NVD link : CVE-2004-1428
Mitre link : CVE-2004-1428
CVE.ORG link : CVE-2004-1428
JSON object : View
Products Affected
argosoft
- ftp_server
CWE
CWE-203
Observable Discrepancy