Rumpus FTP Server Plaintext Password Vulnerability

Rumpus FTP Server is an implementation for MacOS which allows file-sharing across TCP/IP connections.

Passwords are stored in plaintext format in the prefs folder.

If access to the prefs folder is not restricted then a remote user may view the plaintext password file and access any user account on the server.


Privacy Statement
Copyright 2010, SecurityFocus