https://www.exploit-db.com/exploits/22032
https://cxsecurity.com/issue/WLB-2007110008
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200212-688

acFTP是一款开放源代码的FTP守护程序，使用于Windows操作系统下。acFTP的验证代码包含一个缺陷，本地攻击者可以利用这个漏洞不使用合法密码进行验证登录系统。由于acFTP的验证代码的设计缺陷，攻击者可以无需正确的验证登录有此漏洞的FTP服务程序，即不需要使用合法的密码来进行登录。

source: http://www.securityfocus.com/bid/6235/info

A vulnerability has been reported for acFTP. Reportedly, acFTP allows users to authenticate without a valid password.

An attacker can exploit this vulnerability and log on to the vulnerable FTP server without need for proper authentication.

USER private
PASS #

来源:BID
名称:6235
链接:http://www.securityfocus.com/bid/6235
来源:BUGTRAQ
名称:20021124acFTPAuthenticationIssue
链接:http://www.securityfocus.com/archive/1/300929
来源:XF
名称:acftp-authentication-bypass(10681)
链接:http://www.iss.net/security_center/static/10681.php
来源:SREASON
名称:3334
链接:http://securityreason.com/securityalert/3334
来源:VULNWATCH
名称:20021123acFTPAuthenticationIssue
链接:http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0088.html
来源：NSFOCUS
名称：3906
链接：http://www.nsfocus.net/vulndb/3906