Vulnerability in Cerberusftp Ftp_server

CVE-2012-5301

The default configuration of Cerberus FTP Server before 5.0.4.0 supports the DES cipher for SSH sessions, which makes it easier for remote attackers to obtain sensitive information by sniffing the network and performing a brute-force attac…

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.003 (48.6th percentile) — read the EPSS interpretation.

Affected products

Cerberusftp Ftp_server — versions 1.0, 1.01, 1.1
N/a — versions n/a

Weakness classification (CWE)

CWE-310 — Cryptographic Issues

References

cve@mitre.org (x_refsource_CONFIRM)
cerberus-ftp-info-disclosure(79503) (vdb-entry, x_refsource_XF)