• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

NcFTP Local Information Disclosure Vulnerability

NcFTP has been reported prone to a local information disclosure vulnerability. The issue presents itself because the NcFTP client does not correctly obfuscate arguments that are passed to the client software. If NcFTP client has been launched with an ftp site URI as an argument, this argument will be visible in the 'ps -aux' process list.