SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
Category:  Application (File Transfer/Sharing)  >  Personal FTP Server
Vendors:  MRSoft
MRSoft Personal FTP Server (PFTP) Discloses Passwords to Local Users
SecurityTracker Alert ID:  1006888
CVE Reference:  GENERIC-MAP-NOMATCH
Date:  May 31 2003
Impact:  Disclosure of authentication information
Exploit Included:  Yes
Version(s): 4.45
Description:  Ziv Kamir reported a vulnerability in the Personal FTP Server (PFTP) from MRSoft. A local user can gain access to user passwords.

It is reported that the server stores usernames and passwords in clear text in the '\Program Files\PFTP\PFTPUSERS3.USR' file.

The vendor has reportedly been notified (on May 30, 2003) without response.

Impact:  A local user can view user passwords.
Solution:  No solution was available at the time of this entry.
Vendor URL:  www.mrdownload.de/
Cause:  Access control error
Underlying OS:  Windows (Any)

Message History:   None.


Source Message Contents

Date:  Fri, 30 May 2003 21:35:04 -0400
Subject:  personal ftp server Clear Text Password Storage Vulnerability

-------- Original Message --------
Subject: 	personal ftp server Clear Text Password Storage Vulnerability
Date: 	Fri, 30 May 2003 17:35:21 -0700 (PDT)
From: 	Ziv Kamir <vulncode@yahoo.com>
To: 	bugs@securitytracker.com



Hi,

Attached TXT file.

Attachment: Pftp.txt

30/05/03

Ziv Kamir
---------

-------------------------------------------------------

Application: Personal FTP Server
Web Site:    http://www.MRdownload.de
             http://home.t-online.de/home/m-roth
Versions:    4.45
Platform:    Windows
Bug:         Clear Text Password Storage Vulnerability.


Credits:
########

#################################
#                               #
# Ziv Kamir                     #
#                               #
# Email : vulncode@yahoo.com    #
#                               #
#                               #
#################################


---------------------

1) Introduction
2) Bug
3) The Code
4) Fix


===============
1) Introduction
===============

FTP server for Win95/98/ME/NT/XP with an easy-to-use user interface
(closed and open systems). You can define different rights, from
read-only and write-only up to read-write and delete.

======
2) Bug
======

Personal FTP Server stores all usernames and passwords in the file
\Program Files\PFTP\PFTPUSERS3.USR in clear text. If a malicious user were to
gain access to this file, they would have a list of all usernames and their
associated passwords.

===========
3) The Code
===========

There is no exploit code required to take advantage of this vulnerability.

==========
4) The Fix
==========

Date of Vendor Notification: 30-05-03
Status: Waiting for an answer from the author.

***************************************************************
* =========================================================== *
*                                                             *
*      *** The Data is for educational purpose only. ***      *
*                                                             *
* =========================================================== *
***************************************************************
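The advisory's root cause is a user file that holds passwords exactly as typed, so anyone who can read the file holds every account. The following is an added example, written for this page and not code from the advisory, from Ziv Kamir, or from MRSoft: it puts a constructed cleartext store of the kind the advisory describes next to a hardened store that keeps only a per-user salt and a PBKDF2-HMAC-SHA256 digest, and adds a small audit function that flags entries still held in the clear. The `user:password` line layout, the user names and the passwords are all constructed assumptions; they are not the real PFTPUSERS3.USR format.

```python
"""Cleartext credential file versus a salted, hashed equivalent.

Added example for this page; not the advisory's or the vendor's code.
The line format 'user:record' and the sample accounts are constructed
assumptions, not the real PFTPUSERS3.USR layout.
"""
import hashlib
import hmac
import secrets
from typing import Dict, List, Optional

# Constructed sample accounts (assumption; nothing here comes from the advisory).
SAMPLE_USERS: Dict[str, str] = {"alice": "hunter2", "bob": "s3cret"}

SCHEME = "pbkdf2_sha256"
ITERATIONS = 600_000  # work factor; raise it as hardware gets faster


def store_cleartext(users: Dict[str, str]) -> str:
    """The vulnerable pattern: the password is written exactly as typed.

    Whoever can read the resulting file can log in as every user.
    """
    return "".join(f"{user}:{password}\n" for user, password in users.items())


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return a self-describing record 'scheme$iterations$salt_hex$digest_hex'.

    A fresh 16-byte salt per user means two users with the same password
    get different records, and precomputed tables do not apply.
    """
    salt = salt if salt is not None else secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return f"{SCHEME}${ITERATIONS}${salt.hex()}${digest.hex()}"


def store_hashed(users: Dict[str, str]) -> str:
    """The hardened pattern: the file never contains a recoverable password."""
    return "".join(f"{user}:{hash_password(password)}\n" for user, password in users.items())


def verify(stored_line: str, user: str, password: str) -> bool:
    """Check a login attempt against one stored record without ever storing the password."""
    name, record = stored_line.rstrip("\n").split(":", 1)  # user names are assumed not to contain ':'
    if name != user:
        return False
    parts = record.split("$")
    if len(parts) != 4 or parts[0] != SCHEME:
        return False  # unknown or cleartext record: refuse rather than compare strings
    _, iterations, salt_hex, digest_hex = parts
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
    )
    # Constant-time comparison so the check does not leak how many bytes matched.
    return hmac.compare_digest(candidate.hex(), digest_hex)


def find_cleartext_entries(contents: str) -> List[str]:
    """Audit helper: names of accounts whose record is not a recognised hash record.

    Run this over a user file after migration to confirm nothing was left in the clear.
    """
    flagged = []
    for line in contents.splitlines():
        if ":" not in line:
            continue
        name, record = line.split(":", 1)
        if not record.startswith(SCHEME + "$"):
            flagged.append(name)
    return flagged


if __name__ == "__main__":
    weak = store_cleartext(SAMPLE_USERS)
    strong = store_hashed(SAMPLE_USERS)
    print("cleartext accounts in weak store:  ", find_cleartext_entries(weak))
    print("cleartext accounts in strong store:", find_cleartext_entries(strong))
    print("alice/hunter2 verifies:", verify(strong.splitlines()[0], "alice", "hunter2"))
```

Hashing removes the "read the file, learn the password" outcome, but it does not replace restricting who can read the file in the first place: on Windows the user file should also carry an ACL that grants access only to the service account, since a world-readable hash file still invites offline guessing.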



Copyright 2002, SecurityGlobal.net LLC