Vulnerability Details CVE-2005-4066
Total Commander 6.53 uses weak encryption to store FTP usernames and passwords in WCX_FTP.INI, which allows local users to decrypt the passwords and gain access to FTP servers, as possibly demonstrated by the W32.Gudeb worm.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 11.1%
CVSS Severity
CVSS v2 Score 4.9
References
- http://securitytracker.com/id?1015311
- http://www.networksecurity.fi/advisories/total-commander.html
- http://www.vupen.com/english/advisories/2005/2780
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23497
- http://securitytracker.com/id?1015311
- http://www.networksecurity.fi/advisories/total-commander.html
- http://www.vupen.com/english/advisories/2005/2780
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23497
Products affected by CVE-2005-4066
-
cpe:2.3:a:christian_ghisler:total_commander:6.53