CVE-2000-0038

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Dec 23, 1999

Updated: Nov 20, 2024

Summary

CVE-2000-0038 is a vulnerability affecting the glFtpD server. This issue arises due to the presence of a default user account named "glftpd" with a password and User ID (UID) of 0. An attacker can exploit this vulnerability by gaining unauthorized access to the system, potentially leading to serious security consequences. The default credentials offer a simple way for malicious actors to bypass authentication, making it essential for system administrators to apply patches or configure glFtpD to disable or change the default account and password.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/NWlXch
https://www.cve.org/CVERecord?id=CVE-2000-0038
https://nvd.nist.gov/vuln/detail/CVE-2000-0038

Back to Vulnerability Database

CVE-2000-0038

CVSS 2.0 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations