Required CVE Record Information
Description
NcFTP client 3.1.6 and 3.1.7, when the username and password are included in an FTP URL that is provided on the command line, allows local users to obtain sensitive information via "ps aux," which displays the URL in the process list.
References 5 Total
- securityfocus.com: 10182 vdb-entry
- secunia.com: 11438 third-party-advisory
- marc.info: 20040419 NcFTP - password leaking mailing-list
- osvdb.org: 5595 vdb-entry
- exchange.xforce.ibmcloud.com: ncftp-info-disclosure(15919) vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 5 Total
- securityfocus.com: 10182 vdb-entryx_transferred
- secunia.com: 11438 third-party-advisoryx_transferred
- marc.info: 20040419 NcFTP - password leaking mailing-listx_transferred
- osvdb.org: 5595 vdb-entryx_transferred
- exchange.xforce.ibmcloud.com: ncftp-info-disclosure(15919) vdb-entryx_transferred