Lucene search

MitreCVE-2005-2599

HistoryAug 17, 2005 - 4:00 a.m.

CVE-2005-2599

2005-08-1704:00:00

mitre

web.nvd.nist.gov

cve-2005-2599

hummingbird ftp

connectivity 10.0

weak encryption

ftp profile

privilege escalation

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.004

Percentile

74.5%

JSON

Hummingbird FTP for Connectivity 10.0 uses weak encryption (trivial encoding) to store the user’s password in the FTP profile, which allows attackers to gain privileges.

Affected configurations

Nvd

Node

hummingbirdconnectivityMatch10.0

VendorProductVersionCPE
hummingbirdconnectivity10.0cpe:2.3:a:hummingbird:connectivity:10.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hummingbird	connectivity	10.0	cpe:2.3:a:hummingbird:connectivity:10.0:::::::*

References

archives.neohapsis.com/archives/bugtraq/2005-08/0219.html

secunia.com/advisories/16430

www.osvdb.org/18734

www.securityfocus.com/bid/14559

exchange.xforce.ibmcloud.com/vulnerabilities/21811

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.004

Percentile

74.5%

JSON

Related for CVE-2005-2599