Full Disclosure mailing list archives
Re: Security issue in Filezilla 3.0.9.2:passwords are stored in plain text (sitemanager.xml)
From: "Joey Mengele" <joey.mengele () hushmail com>
Date: Fri, 18 Apr 2008 16:16:59 -0400
Valids, On Fri, 18 Apr 2008 16:10:41 -0400 Valdis.Kletnieks () vt edu wrote:
On Fri, 18 Apr 2008 15:42:44 EDT, Joey Mengele said:I disagree, read the RFC. There are plenty of more secure FTP clients such as the OpenSSH.com groups proactive secure SecureFTP(sftp) implementation of FTP.Right, except that SFTP isn't the RFC959 protocol that lives on ports 20/21, it's an entirely different protocol layered on top of the OpenSSH on port 22. If you actually *do* "read the RFC", RFC959, section 4.1.1 says:
Then how do you explain the security offered by section 3.4.3 of RFC959? Or did you just skip over that... J -- Own your own business. Click here to start making money owning your own franchise. http://tagline.hushmail.com/fc/Ioyw6h4fPmWsA2fzSQ6klsvwitr5lyEN7uWRbhg5RUfeRgV7wM17Gg/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Security issue in Filezilla 3.0.9.2:passwords are stored in plain text (sitemanager.xml) Joey Mengele (Apr 18)
- Re: Security issue in Filezilla 3.0.9.2:passwords are stored in plain text (sitemanager.xml) Garrett M. Groff (Apr 18)
- Re: Security issue in Filezilla 3.0.9.2:passwords are stored in plain text (sitemanager.xml) Valdis . Kletnieks (Apr 18)
- <Possible follow-ups>
- Re: Security issue in Filezilla 3.0.9.2:passwords are stored in plain text (sitemanager.xml) Joey Mengele (Apr 18)
- Re: Security issue in Filezilla 3.0.9.2:passwords are stored in plain text (sitemanager.xml) Joey Mengele (Apr 18)
- Re: Security issue in Filezilla 3.0.9.2:passwords are stored in plain text (sitemanager.xml) Valdis . Kletnieks (Apr 18)
- Re: Security issue in Filezilla 3.0.9.2:passwords are stored in plain text (sitemanager.xml) Joey Mengele (Apr 18)
- Re: Security issue in Filezilla 3.0.9.2:passwordsare stored in plain text (sitemanager.xml) Garrett M. Groff (Apr 18)