Insecure Permissions and Plaintext Password Storage in VolanoChatPro Chat Server

Insecure Permissions and Plaintext Password Storage in VolanoChatPro Chat Server

CVE-2000-1148 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

The installation of VolanoChatPro chat server sets world-readable permissions for its configuration file and stores the server administrator passwords in plaintext, which allows local users to gain privileges on the server.

Learn more about our Cis Benchmark Audit For Server Software.