Executive Summary

Informations
NameCVE-2004-1948First vendor Publication2004-04-20
VendorCveLast vendor Modification2017-07-10

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score4.6Attack RangeLocal
Cvss Impact Score6.4Attack ComplexityLow
Cvss Expoit Score3.9AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Security Protection

ImpactsProvides unauthorized access : Allows partial confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service.

Detail

NcFTP client 3.1.6 and 3.1.7, when the username and password are included in an FTP URL that is provided on the command line, allows local users to obtain sensitive information via "ps aux," which displays the URL in the process list.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1948

CWE : Common Weakness Enumeration

%idName

CPE : Common Platform Enumeration

TypeDescriptionCount
Application13

Open Source Vulnerability Database (OSVDB)

idDescription
5595NcFTP Client Local Credentials Disclosure

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/10182
BUGTRAQ http://marc.info/?l=bugtraq&m=108247943201685&w=2
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/15919

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
DateInformations
2017-07-11 12:01:41
  • Multiple Updates
2016-10-18 12:01:29
  • Multiple Updates
2016-06-28 15:08:31
  • Multiple Updates
2016-04-26 13:04:26
  • Multiple Updates
2013-05-11 11:47:10
  • Multiple Updates