CVE-2004-2400
UnknownEPSS 0.34%
Last modified
CVE-2004-2400 is a vulnerability of currently unknown severity. WinFTP Server 1.6 stores username and password credentials in plaintext in the data\user.wfd file, which allows local users to gain access to the credentials.. EPSS estimates a 0.34% chance of exploitation in the next 30 days.
Description
WinFTP Server 1.6 stores username and password credentials in plaintext in the data\user.wfd file, which allows local users to gain access to the credentials.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Winftp Server | Winftp Server | 1.6 |
References
- http://secunia.com/advisories/13304Vendor Advisory
- http://securitytracker.com/id?1012321Vendor Advisory
- http://secunia.com/advisories/13304Vendor Advisory
- http://securitytracker.com/id?1012321Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2004-2400?
WinFTP Server 1.6 stores username and password credentials in plaintext in the data\user.wfd file, which allows local users to gain access to the credentials.
How severe is CVE-2004-2400?
Severity scoring for CVE-2004-2400 is pending analysis. The EPSS model estimates a 0.34% probability of exploitation in the next 30 days.
How do I fix CVE-2004-2400?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2004-2400?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST