CVE-2005-1092 Information

Description

Lightspeed DeluxeFTP 6.01 stores usernames and passwords in plaintext in sites.xml which is world-readable which allows local users to gain privileges.

Reference

http://lostmon.blogspot.com/2005/04/deluxeftp-plain-text-passwords.html http://secunia.com/advisories/14923 http://www.osvdb.org/15421 http://www.securityfocus.com/bid/13105