CVE-2007-2165


Severity : Medium
Published : 2007-04-22
Modified : 2008-11-13
Base Score : 5.1
Details : The Auth API in ProFTPD before 20070417, when multiple simultaneous authentication modules are configured, does not require that the module that checks authentication is the same as the module that retrieves authentication data, which might allow remote attackers to bypass authentication, as demonstrated by use of SQLAuthTypes Plaintext in mod_sql, with data retrieved from /etc/passwd.
Product/Version : Pro 4.x  
CGE 4.x  
Mobilinux 4.x  
 
 
 

CVE Vulnerabilities List CVE-2007

CVE-2007-0062CVE-2007-0247CVE-2007-0248CVE-2007-0910
CVE-2007-0988CVE-2007-1001CVE-2007-1217CVE-2007-1218
CVE-2007-1286CVE-2007-1536CVE-2007-1718CVE-2007-1863
CVE-2007-2165CVE-2007-2242CVE-2007-2438CVE-2007-2451
CVE-2007-2754CVE-2007-2876CVE-2007-2953CVE-2007-3107
CVE-2007-3108CVE-2007-3799CVE-2007-3806CVE-2007-3998
CVE-2007-4091CVE-2007-4131CVE-2007-4476CVE-2007-4567
CVE-2007-4570CVE-2007-4573CVE-2007-4657CVE-2007-4772
CVE-2007-4826CVE-2007-5000CVE-2007-5093CVE-2007-5116
CVE-2007-5794CVE-2007-5966CVE-2007-6067CVE-2007-6151
CVE-2007-6199CVE-2007-6200CVE-2007-6203CVE-2007-6388
CVE-2007-6417CVE-2007-6420CVE-2007-6421CVE-2007-6422
CVE-2007-6694CVE-2007-6698CVE-2007-6716