CVE-2001-1481 Information

Description

Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut file whose default permissions are world-readable which allows remote attackers to gain privileges.

Reference

http://archives.neohapsis.com/archives/win2ksecadvice/2000-q4/0109.html http://www.securityfocus.com/archive/1/242375 http://www.securityfocus.com/bid/3582 https://exchange.xforce.ibmcloud.com/vulnerabilities/7600