FTP Supports Cleartext Authentication

low Nessus Plugin ID 34324

Language:

Synopsis

Authentication credentials might be intercepted.

Description

The remote FTP server allows the user's name and password to be transmitted in cleartext, which could be intercepted by a network sniffer or a man-in-the-middle attack.

Solution

Switch to SFTP (part of the SSH suite) or FTPS (FTP over SSL/TLS). In the latter case, configure the server so that control connections are encrypted.

Plugin Details

Severity: Low

ID: 34324

File Name: ftp_clear_text_credentials.nasl

Version: 1.28

Type: remote

Family: FTP

Published: 10/1/2008

Updated: 2/24/2021

Supported Sensors: Nessus

Risk Information

CVSS Score Rationale: Cleartext credentials can be intercepted on the network

CVSS v2

Risk Factor: Low

Base Score: 2.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N

CVSS Score Source: manual

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only

Reference Information

CWE: 522, 523, 928, 930

Detections

Analytics