Tashcom ASPEdit 2.9 stores the administration password (aka the FTP password) in cleartext in the registry, which might allow local users to view the password.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Aspedit | Tashcom | 2.9 (including) | 2.9 (including) |
References
- http://k.domaindlx.com/shellcore/advisories.asp?bug_report=display\u0026infamous_group=94
- http://securityreason.com/securityalert/37
- http://securitytracker.com/id?1014989
- http://www.osvdb.org/19744
- http://k.domaindlx.com/shellcore/advisories.asp?bug_report=display\u0026infamous_group=94
- http://securityreason.com/securityalert/37
- http://securitytracker.com/id?1014989
- http://www.osvdb.org/19744