CVE-2005-2727

Description

Home Ftp Server 1.0.7 stores sensitive user information and server information in the same directory as the user's home directory, which allows remote authenticated users to obtain sensitive information by obtaining ftpmembers.lst and ftpsettings.lst.

Affected products

• ari_pikivirta / home_ftp_server1.0.7_b45 – 1.0.7_b45

References

• MAILING_LISThttp://marc.info/?l=bugtraq&m=112490496918102&w=2
• MISChttp://www.autistici.org/fdonato/advisory/HomeFtpServer1.0.7-adv.txt
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/22002
• MISChttp://www.securityfocus.com/bid/14653