Reported July 27, 2004, by Global Security Solution IT
 

VERSIONS AFFECTED

  • FTP GLIDE client version 2.43

DESCRIPTION
A vulnerability in the client version of FTP GLIDE 2.43 can result in information disclosure. FTP GLIDE stores passwords in clear text, so any user can view them. FTP GLIDE stores its login data at \program files\FTPGlide\\[Profile Name\].ftp

VENDOR RESPONSE
The vendor, Innovative Technology Consulting, LLC, has been notified, but has not released a fix for this problem. In the meantime, permissions should be set on the directory accordingly.

CREDIT
Discovered by Global Security Solution IT.