CVE-1999-1090

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published Sep 10, 1991
Updated: Nov 20, 2024

Summary

CVE-1999-1090 is a vulnerability affecting the NCSA Telnet package for Macintosh and PC. Contrary to its configuration, this software allows FTP access even when the "ftp=yes" line is missing. This oversight exposes systems to remote attacks, enabling unauthorized users to read and modify arbitrary files. The vulnerability poses a significant risk, as it bypasses the intended access control and could lead to data manipulation or theft. It is recommended that affected systems be updated to a secure version of the Telnet package or that FTP be disabled altogether.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share