[NT] FlashFXP Local Password Disclosure Vulnerability
From: support@securiteam.comDate: 10/23/02
- Previous message: support@securiteam.com: "[UNIX] Buffer Overflow in kadmind4"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: support@securiteam.com To: list@securiteam.com Date: 23 Oct 2002 23:58:23 +0200
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -
FlashFXP Local Password Disclosure Vulnerability
------------------------------------------------------------------------
SUMMARY
<http://www.FlashFXP.com> FlashFXP offers the easiest and fastest way to
transfer any file using FTP, providing an exceptionally stable and robust
program that you can always count on to get your job done quickly and
efficiently. A vulnerability allows local users to discover the FTP
passwords used in the product.
DETAILS
Vulnerable systems:
* FlashFXP version 1.4 (build 800)
Immune systems:
* FlashFXP version 2.0
When passwords are entered into FlashFXP they are generally echoed with
asterisks, but there is an exception. When there are transfers in the
queue the password is visible in clear text by editing the queue
properties.
Vendor contacted:
E-mailed CEDsoft on 8/31/02. They responded within hours and informed me
that they had already known about this vulnerability and that their
publicly available beta version already had it fixed.
Solution:
Upgrade to the latest version.
ADDITIONAL INFORMATION
The information has been provided by <mailto:bludclot@hellokitty.com>
Blud Clot.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Previous message: support@securiteam.com: "[UNIX] Buffer Overflow in kadmind4"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
- [Full-disclosure] Buffer-overflow in the passwords handling of Trend Micro OfficeScan 8.0 an
... vulnerability since it's located in a function used to ... decrypt a specific
type of passwords used by this vendor ... B] endless dead processes ... OfficeScan
is an anti-virus client and server developed by Trend Micro. ... (Full-Disclosure) - Buffer-overflow in the passwords handling of Trend Micro OfficeScan 8.0 and possibly other produ
... vulnerability since it's located in a function used to ... decrypt a specific
type of passwords used by this vendor ... B] endless dead processes ... OfficeScan
is an anti-virus client and server developed by Trend Micro. ... (Bugtraq) - [FlashFXP] Two Buffer Overflow Vulnerabilities
... FlashFXP is a GUI base FTP Client for Windows. ... By exploiting this vulnerability,
an attacker can execute ... The buffer overflow vulnerability in the reply for PASV command.
... 2003-05-07 Reported to vendor. ... (NT-Bugtraq) - Re: Apple Safari on MacOSX may reveal users saved passwords
... which appears to be the whole basis of this 'vulnerability'. ... In this case
to steal passwords is sufficent to entice the victim to execute a malicious script, that normally
it's not enough since keychain refuses access to untrusted applications. ... As far as
root access goes, see my comments above regarding key loggers? ... (Bugtraq) - Re: Hardware vs Software
... > Yeah, guy, I don't use passwords. ... >>There is an exploitable
vulnerability which contains the ... > Microsoft Security ... (microsoft.public.security.virus)
