CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-1999-1337

FTP client in Midnight Commander (mc) before 4.5.11 stores usernames and passwords for visited sites in plaintext in the world-readable history file, which allows other local users to gain privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 24.5%

CVSS Severity

CVSS v2 Score 4.6

References

http://marc.info/?l=bugtraq&m=93370073207984&w=2
http://www.iss.net/security_center/static/9873.php
http://www.osvdb.org/5921
http://marc.info/?l=bugtraq&m=93370073207984&w=2
http://www.iss.net/security_center/static/9873.php
http://www.osvdb.org/5921

Products affected by CVE-1999-1337

Midnight Commander » Midnight Commander » Version: Any

cpe:2.3:a:midnight_commander:midnight_commander:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-1999-1337

Products

Pricing

Contact Us