Evolvable Shambala Server 4.5 Plaintext Password Vulnerability

Shambala Server is a FTP, Web, and Chat server targeted for the Small Office/Home Office user.

Shambala Server stores all of its passwords in plaintext in the following default location:

C:\Program Files\Shambala\passwords.txt

These passwords could be used to gain full control over Shambala Server and possibly other services if the passwords have been reused.


 

Privacy Statement
Copyright 2010, SecurityFocus