mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-24 10:20:37 +01:00
1.0 KiB
1.0 KiB
CVE-2005-2898
Description
NOTE: this issue has been disputed by the vendor. FileZilla 2.2.14b and 2.2.15, and possibly earlier versions, when "Use secure mode" is disabled, uses a weak encryption scheme to store the user's password in the configuration settings file, which allows local users to obtain sensitive information. NOTE: the vendor has disputed the issue, stating that "the problem is not a vulnerability at all, but in fact a fundamental issue of every single program that can store passwords transparently.
POC
Reference
Github
No PoCs found on GitHub currently.