Bugtraq mailing list archives
Re: gftp - ms ftp debug mode
From: boldi () BUDAPEST HU (Bencsath Boldizsar)
Date: Wed, 8 Sep 1999 23:18:04 +0200
M$ win98 ftp client displays password on screen in cleartext in debug mode. I think, even in debug mode it is not a good idea to display passwords on screen, by the way, who the hell wants to debug an ftp server's password function with m$ ftp client. The debugging feature is useful, but I think not for this one. ftp> debug Debugging On . ftp> open ftp.ebizlab.hit.bme.hu Connected to ftp.ebizlab.hit.bme.hu. 220 ProFTPD 1.2.0pre4 Server (E-Biz ftp server) [fermat.ebizlab.hit.bme.hu] User (ftp.ebizlab.hit.bme.hu:(none)): foo ---> USER foo 331 Password required for foo. Password: ---> PASS bar 530 Login incorrect. the same under unix: ftp> open ftp.bme.hu Connected to goliat.eik.bme.hu. 220 goliat FTP server (SunOS 5.7) ready. Name (ftp.bme.hu:root): foo ---> USER foo 331 Password required for foo. Password: ---> PASS XXXX 530 Login incorrect. Login failed. -------------------------------- Bencsath Boldizsar boldi () ebizlab hit bme hu --------------------------------
Current thread:
- Root shell vixie cron exploit Michal Zalewski (Jul 05)
- Re: Root shell vixie cron exploit Seva Gluschenko (Sep 01)
- Re: Root shell vixie cron exploit Michal Zalewski (Sep 01)
- Re: Root shell vixie cron exploit John Kennedy (Sep 03)
- Re: Root shell vixie cron exploit Peter Wemm (Sep 07)
- Re: Root shell vixie cron exploit Raymond Dijkxhoorn (Sep 07)
- Re: Root shell vixie cron exploit Christos Zoulas (Sep 03)
- [security-officer () FreeBSD ORG: FreeBSD-SA-99:01: BSD File Flags and Programming Techniques] Patrick Oonk (Sep 03)
- Re: Root shell vixie cron exploit Valentin Nechayev (Sep 04)
- gftp Oscar Haeger (Sep 05)
- Re: gftp - ms ftp debug mode Bencsath Boldizsar (Sep 08)
- fixing all buffer overflows --- random magin numbers Dr. Joel M. Hoffman (Sep 11)
- Re: fixing all buffer overflows --- random magin numbers Peter van Dijk (Sep 12)
- Re: fixing all buffer overflows --- random magin numbers Eric Hutchinson (Sep 12)
- Re: fixing all buffer overflows --- random magin numbers Daniel W. Dulitz x108 (Sep 13)
- Enterprise Overflow Daniel Kerr (Sep 11)
- Re: gftp - ms ftp debug mode Valentin (Sep 12)
- Re: gftp - ms ftp debug mode Max Vision (Sep 12)
- Linux 2.2.12 mini-audit Solar Designer (Sep 13)
- Vulnerability in dtaction Job de Haas (Sep 13)
- Re: Root shell vixie cron exploit Seva Gluschenko (Sep 01)
- Many kind of POP3/SMTP server softwares for Windows have buffer overflow bug UNYUN (Sep 12)