VULHUB ™

UltraEdit is a multi-featured commercial text editor with support for HTML, C/C++, VB, Java, Perl, XML, and C#. It also includes a hex editor and a small FTP client. UltraEdit's FTP client has a feature which will remember FTP passwords for later use. When passwords are remembered they will be stored on the system using an "admittedly" weak encryption algorithm. As a result, it is a fairly trivial task to decrypt the passwords for FTP accounts. Successful exploitation of this vulnerability will allow a local attacker to gain unauthorized access to the FTP sites used by other local users.

UltraEdit is a multi-featured commercial text editor with support for HTML, C/C++, VB, Java, Perl, XML, and C#. It also includes a hex editor and a small FTP client. UltraEdit's FTP client has a feature which will remember FTP passwords for later use. When passwords are remembered they will be stored on the system using an "admittedly" weak encryption algorithm. As a result, it is a fairly trivial task to decrypt the passwords for FTP accounts. Successful exploitation of this vulnerability will allow a local attacker to gain unauthorized access to the FTP sites used by other local users.