CVE-1999-1475

ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command.
References
Link Resource
http://www.securityfocus.com/archive/1/35483 Patch Vendor Advisory
http://www.securityfocus.com/bid/812 Patch Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:proftpd_project:proftpd:1.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 1999-11-19 05:00

Updated : 2023-12-10 10:17


NVD link : CVE-1999-1475

Mitre link : CVE-1999-1475

CVE.ORG link : CVE-1999-1475


JSON object : View

Products Affected

proftpd_project

  • proftpd