ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2001-09-12T04:00:00

Updated: 2024-08-01T17:18:07.455Z

Reserved: 2001-08-31T00:00:00

Link: CVE-1999-1475

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 1999-11-19T05:00:00.000

Modified: 2024-11-20T23:31:12.337

Link: CVE-1999-1475

cve-icon Redhat

No data.