Unrated severityNVD Advisory· Published Apr 20, 2004· Updated Jun 16, 2026
CVE-2004-1948
CVE-2004-1948
Description
NcFTP client 3.1.6 and 3.1.7, when the username and password are included in an FTP URL that is provided on the command line, allows local users to obtain sensitive information via "ps aux," which displays the URL in the process list.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
14cpe:2.3:a:ncftp_software:ncftp:3.0.0:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:a:ncftp_software:ncftp:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ncftp_software:ncftp:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ncftp_software:ncftp:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ncftp_software:ncftp:3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ncftp_software:ncftp:3.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ncftp_software:ncftp:3.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ncftp_software:ncftp:3.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ncftp_software:ncftp:3.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ncftp_software:ncftp:3.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ncftp_software:ncftp:3.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:ncftp_software:ncftp:3.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:ncftp_software:ncftp:3.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:ncftp_software:ncftp:3.1.7:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
5- secunia.com/advisories/11438nvdExploitVendor Advisory
- www.securityfocus.com/bid/10182nvdVendor Advisory
- marc.infonvd
- www.osvdb.org/5595nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/15919nvd
News mentions
0No linked articles in our index yet.