Default Configuration of NCSA Telnet Package Enables Unauthorized FTP Access

Default Configuration of NCSA Telnet Package Enables Unauthorized FTP Access

CVE-1999-1090 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The default configuration of NCSA Telnet package for Macintosh and PC enables FTP, even though it does not include an "ftp=yes" line, which allows remote attackers to read and modify arbitrary files.

Learn more about our Web Application Penetration Testing UK.