CVE-2007-2165


Severity : Medium
Published : 2007-04-22
Modified : 2008-11-13
Base Score : 5.1
Details : The Auth API in ProFTPD before 20070417, when multiple simultaneous authentication modules are configured, does not require that the module that checks authentication is the same as the module that retrieves authentication data, which might allow remote attackers to bypass authentication, as demonstrated by use of SQLAuthTypes Plaintext in mod_sql, with data retrieved from /etc/passwd.
Product/Version : Pro 4.x  
CGE 4.x  
Mobilinux 4.x  
 
 
 

CVE Vulnerabilities List CVE-2007

CVE-2007-0062 CVE-2007-0247 CVE-2007-0248 CVE-2007-0910
CVE-2007-0988 CVE-2007-1001 CVE-2007-1217 CVE-2007-1218
CVE-2007-1286 CVE-2007-1536 CVE-2007-1718 CVE-2007-1863
CVE-2007-2165 CVE-2007-2242 CVE-2007-2438 CVE-2007-2451
CVE-2007-2754 CVE-2007-2876 CVE-2007-2953 CVE-2007-3107
CVE-2007-3108 CVE-2007-3799 CVE-2007-3806 CVE-2007-3998
CVE-2007-4091 CVE-2007-4131 CVE-2007-4476 CVE-2007-4567
CVE-2007-4570 CVE-2007-4573 CVE-2007-4657 CVE-2007-4772
CVE-2007-4826 CVE-2007-5000 CVE-2007-5093 CVE-2007-5116
CVE-2007-5794 CVE-2007-5966 CVE-2007-6067 CVE-2007-6151
CVE-2007-6199 CVE-2007-6200 CVE-2007-6203 CVE-2007-6388
CVE-2007-6417 CVE-2007-6420 CVE-2007-6421 CVE-2007-6422
CVE-2007-6694 CVE-2007-6698 CVE-2007-6716