CVE-2004-1429

Description

ArGoSoft FTP 1.4.2.4 and earlier does not limit the number of times that a bad password can be entered, which makes it easier for remote attackers to guess passwords via a brute force attack.

Affected products

• argosoft / ftp_server1.4.2.4
• argosoft / ftp_server1.4.1.1 – 1.4.1.1
• argosoft / ftp_server1.4.1.2 – 1.4.1.2
• argosoft / ftp_server1.4.1.3 – 1.4.1.3
• argosoft / ftp_server1.4.1.4 – 1.4.1.4
• argosoft / ftp_server1.4.1.5 – 1.4.1.5
• argosoft / ftp_server1.4.1.6 – 1.4.1.6
• argosoft / ftp_server1.4.1.7 – 1.4.1.7
• argosoft / ftp_server1.4.1.8 – 1.4.1.8
• argosoft / ftp_server1.4.1.9 – 1.4.1.9
• argosoft / ftp_server1.4.2 – 1.4.2
• argosoft / ftp_server1.4.2.1 – 1.4.2.1

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/18722
• MAILING_LISThttp://marc.info/?l=bugtraq&m=110451582011666&w=2