← CVECheck
HomeVulnerabilities

CVE-2004-1948 — MEDIUM severity vulnerability (NcFTP client 3.1.6 and 3.1.7, when the username and password)

NcFTP client 3.1.6 and 3.1.7, when the username and password are included in an FTP URL that is provided on the command line, allows local users to obtain sensitive information via "ps aux," which displays the URL in the process list.

CVE IDCVE-2004-1948
SeverityMEDIUM
CVSS score4.6
CVSS vectorAV:L/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2004-04-20
Last modified2026-04-16
DescriptionNcFTP client 3.1.6 and 3.1.7, when the username and password are included in an FTP URL that is provided on the command line, allows local users to obtain sensitive information via "ps aux," which displays the URL in the process list.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →