Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Microsoft's fix for URL containing username:password@ obfuscation

From: Kenton Smith <ksmith () chartwelltechnology com>
Date: 28 Jan 2004 10:07:00 -0700
On Tue, 2004-01-27 at 21:36, Zach Forsyth wrote:

After reading through the MS advisory in more detail it doesn't actually
mention ftp at all.
This was kindly pointed out by several FD readers :) 

I will wait and see if the patch just "fixes" http and https before
worrying about it in earnest.

And for people saying don't use IE, if you aren't the sole admin on the
server you don't have the choice to install other apps.
Believe me if I could install something else I would just put a real ftp
app and firebird on there and not have to ask silly questions on FD.


This is being asked in all seriousness and helpfulness... Do you have
access to a command line? You could the command line FTP, it's way
better than IE.

Kenton

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: