Information Disclosure Vulnerability in FTP GLIDE Client 2.43

Reported July 27, 2004, by Global Security Solution IT
 

VERSIONS AFFECTED

  • FTP GLIDE client version 2.43

DESCRIPTION
A vulnerability in the client version of FTP GLIDE 2.43 can result in information disclosure. FTP GLIDE stores passwords in clear text, so any user can view them. FTP GLIDE stores its login data at \program files\FTPGlide\\[Profile Name\].ftp

VENDOR RESPONSE
The vendor, Innovative Technology Consulting, LLC, has been notified, but has not released a fix for this problem. In the meantime, permissions should be set on the directory accordingly.

CREDIT
Discovered by Global Security Solution IT.

TAGS: Security
Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish