Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Windows >> Blackmoon FTP stores passwords in cleartext

Vulnerability Assessment Details

Blackmoon FTP stores passwords in cleartext
Vulnerability Assessment Summary
Acertains the presence of Blackmoon ftp users database

Detailed Explanation for this Vulnerability Assessment

The remote host has the program BlackMoon FTP installed.

There is a design issue in the program which makes it store
the username and password of the FTP server in cleartext in
the file 'blackmoon.mdb'

Any user with an account on this host may read this file and
use the password to connect to this FTP server.

Solution : None
Risk : Low

Networks Security ID: 7646

Vulnerability Assessment Copyright: This script is Copyright (C) 2003 Tenable Network Security
Cables, Connectors

INTEL XEON CPU KIT E5-2637V2 QUAD CORE 3.50GHZ FOR IBM SYSTEM X3550 M4 46W2828
$1295.0		 INTEL XEON CPU KIT E5-2637V2 QUAD CORE 3.50GHZ FOR IBM SYSTEM X3550 M4 46W2828 pictureINTEL XEON CPU REPLACEMENT X6550 8 CORE 8C FOR IBM BLADECENTER HX5 46M6993
$2299.0		 INTEL XEON CPU REPLACEMENT X6550 8 CORE 8C FOR IBM BLADECENTER HX5 46M6993 pictureIBM HS22 INTEL XEON e5530 2.40GHZ CPU KIT 43W5989
$110.0		 IBM HS22 INTEL XEON e5530 2.40GHZ CPU KIT 43W5989 pictureINTEL XEON CPU KIT E5-2697V4 18 CORE 2.3GHZ FOR LENOVO SYSTEM X3550 M5 00YJ103
$2245.0		 INTEL XEON CPU KIT E5-2697V4 18 CORE 2.3GHZ FOR LENOVO SYSTEM X3550 M5 00YJ103 picture


Discussions

No Discussions have been posted on this vulnerability.