CVE-2002-2417 — HIGH severity vulnerability (acFTP 1.4 does not properly handle when an invalid password)
acFTP 1.4 does not properly handle when an invalid password is provided by the user during authentication, which allows remote attackers to hide or misrepresent certain activity from log files and possibly gain privileges.
| CVE ID | CVE-2002-2417 |
|---|---|
| Severity | HIGH |
| CVSS score | 10.0 |
| CVSS vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
| CWE | CWE-287 |
| Status | Modified |
| Published | 2002-12-31 |
| Last modified | 2026-04-16 |
| Description | acFTP 1.4 does not properly handle when an invalid password is provided by the user during authentication, which allows remote attackers to hide or misrepresent certain activity from log files and possibly gain privileges. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →