CVE-2004-1948
Severity Score
5.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
NcFTP client 3.1.6 and 3.1.7, when the username and password are included in an FTP URL that is provided on the command line, allows local users to obtain sensitive information via "ps aux," which displays the URL in the process list.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2004-04-20 CVE Published
- 2005-05-04 CVE Reserved
- 2024-08-08 CVE Updated
- 2024-08-08 First Exploit
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://marc.info/?l=bugtraq&m=108247943201685&w=2 | Mailing List | |
| http://www.osvdb.org/5595 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/15919 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/11438 | 2024-08-08 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.securityfocus.com/bid/10182 | 2017-07-11 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ncftp Software Search vendor "Ncftp Software" | Ncftp Search vendor "Ncftp Software" for product "Ncftp" | 3.0.0 Search vendor "Ncftp Software" for product "Ncftp" and version "3.0.0" | - |
Affected
| ||||||
| Ncftp Software Search vendor "Ncftp Software" | Ncftp Search vendor "Ncftp Software" for product "Ncftp" | 3.0.1 Search vendor "Ncftp Software" for product "Ncftp" and version "3.0.1" | - |
Affected
| ||||||
| Ncftp Software Search vendor "Ncftp Software" | Ncftp Search vendor "Ncftp Software" for product "Ncftp" | 3.0.2 Search vendor "Ncftp Software" for product "Ncftp" and version "3.0.2" | - |
Affected
| ||||||
| Ncftp Software Search vendor "Ncftp Software" | Ncftp Search vendor "Ncftp Software" for product "Ncftp" | 3.0.3 Search vendor "Ncftp Software" for product "Ncftp" and version "3.0.3" | - |
Affected
| ||||||
| Ncftp Software Search vendor "Ncftp Software" | Ncftp Search vendor "Ncftp Software" for product "Ncftp" | 3.0.4 Search vendor "Ncftp Software" for product "Ncftp" and version "3.0.4" | - |
Affected
| ||||||
| Ncftp Software Search vendor "Ncftp Software" | Ncftp Search vendor "Ncftp Software" for product "Ncftp" | 3.1.0 Search vendor "Ncftp Software" for product "Ncftp" and version "3.1.0" | - |
Affected
| ||||||
| Ncftp Software Search vendor "Ncftp Software" | Ncftp Search vendor "Ncftp Software" for product "Ncftp" | 3.1.1 Search vendor "Ncftp Software" for product "Ncftp" and version "3.1.1" | - |
Affected
| ||||||
| Ncftp Software Search vendor "Ncftp Software" | Ncftp Search vendor "Ncftp Software" for product "Ncftp" | 3.1.2 Search vendor "Ncftp Software" for product "Ncftp" and version "3.1.2" | - |
Affected
| ||||||
| Ncftp Software Search vendor "Ncftp Software" | Ncftp Search vendor "Ncftp Software" for product "Ncftp" | 3.1.3 Search vendor "Ncftp Software" for product "Ncftp" and version "3.1.3" | - |
Affected
| ||||||
| Ncftp Software Search vendor "Ncftp Software" | Ncftp Search vendor "Ncftp Software" for product "Ncftp" | 3.1.4 Search vendor "Ncftp Software" for product "Ncftp" and version "3.1.4" | - |
Affected
| ||||||
| Ncftp Software Search vendor "Ncftp Software" | Ncftp Search vendor "Ncftp Software" for product "Ncftp" | 3.1.5 Search vendor "Ncftp Software" for product "Ncftp" and version "3.1.5" | - |
Affected
| ||||||
| Ncftp Software Search vendor "Ncftp Software" | Ncftp Search vendor "Ncftp Software" for product "Ncftp" | 3.1.6 Search vendor "Ncftp Software" for product "Ncftp" and version "3.1.6" | - |
Affected
| ||||||
| Ncftp Software Search vendor "Ncftp Software" | Ncftp Search vendor "Ncftp Software" for product "Ncftp" | 3.1.7 Search vendor "Ncftp Software" for product "Ncftp" and version "3.1.7" | - |
Affected
| ||||||