Plaintext Password Vulnerability ------------------------------------ User info is stored in users.dat in plaintext. If the anonymous account is present (it is by default) the entire FTP server can be compromised ftp://somewhere/program files/pablo's ftp service/users.dat Default Anonymous Account ------------------------------------ The anonymous account is by default set to have download access to anything in the C:\ directory. While this can be disabled by simply deleting the anonymous account, it poses a serious threat for anyone not aware of the problem. ftp://somewhere/windows/repair/sam In conclusion this application is totally open to complete compromise by default. Vendor was notified and plans on releasing a fix soon. Credits ------------------------------------ Creits go to JeiAr of GulfTech Computers and CSA Security Research Team http://www.gulftech.org
