CVE-1999-1090

Properties

Published:
09.09.1991
Updated:
12.10.2005
Patch available:
Severity:
High
CVSS vector:
(AV:R/AC:L/Au:NR/C:C/I:C/A:P/B:N) Approximated
Product:
NCSA: Telnet

Vulnerability description

The default configuration of NCSA Telnet package for Macintosh and PC enables FTP, even though it does not include an "ftp=yes" line, which allows remote attackers to read and modify arbitrary files.

References:

CERT: http://www.cert.org/advisories/CA-1991-15.html
ISS X-Force: http://xforce.iss.net/static/1844.php