Lucene search

[email protected]CVE-2001-0103

HistoryFeb 12, 2001 - 5:00 a.m.

CVE-2001-0103

2001-02-1205:00:00

CWE-310

[email protected]

web.nvd.nist.gov

weak encryption

coffeecup direct

free ftp clients

ftpservers.ini file

nvd

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.7%

JSON

CoffeeCup Direct and Free FTP clients uses weak encryption to store passwords in the FTPServers.ini file, which could allow attackers to easily decrypt the passwords.

Affected configurations

NVD

Node

coffeecup_softwarecoffeecup_direct_ftpMatch1.0

coffeecup_softwarecoffeecup_free_ftpMatch1.0

CPENameOperatorVersion
coffeecup_software:coffeecup_direct_ftpcoffeecup software coffeecup direct ftpeq1.0
coffeecup_software:coffeecup_free_ftpcoffeecup software coffeecup free ftpeq1.0

CPE	Name	Operator	Version
coffeecup_software:coffeecup_direct_ftp	coffeecup software coffeecup direct ftp	eq	1.0
coffeecup_software:coffeecup_free_ftp	coffeecup software coffeecup free ftp	eq	1.0

References

www.securityfocus.com/bid/2107

exchange.xforce.ibmcloud.com/vulnerabilities/5744

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.7%

JSON

Related for CVE-2001-0103

nvd1 cvelist1