CVE-1999-1475 - CVE Details

Description

ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command.

Severity

Overall Severity: N/A

CVSS Metrics

Type	Score	Severity	Vector

Affected Products

proftpd_project - proftpd

Affected Versions:

References

http://www.securityfocus.com/archive/1/35483
PatchVendor Advisory
http://www.securityfocus.com/bid/812
PatchVendor Advisory
http://www.securityfocus.com/archive/1/35483
PatchVendor Advisory
http://www.securityfocus.com/bid/812
PatchVendor Advisory