Full Disclosure mailing list archives
RE: Microsoft's fix for URL containing username:password@ obfuscation
From: "Zach Forsyth" <Zach.Forsyth () kiandra com>
Date: Wed, 28 Jan 2004 15:36:15 +1100
After reading through the MS advisory in more detail it doesn't actually mention ftp at all. This was kindly pointed out by several FD readers :) I will wait and see if the patch just "fixes" http and https before worrying about it in earnest. And for people saying don't use IE, if you aren't the sole admin on the server you don't have the choice to install other apps. Believe me if I could install something else I would just put a real ftp app and firebird on there and not have to ask silly questions on FD. Cheers z _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Microsoft's fix for URL containing username:password@ obfuscation Zach Forsyth (Jan 27)
- Re: Microsoft's fix for URL containing username:password@ obfuscation George Capehart (Jan 27)
- Re: Microsoft's fix for URL containing username:password@ obfuscation Thomas Frenzel (Jan 27)
- <Possible follow-ups>
- Microsoft's fix for URL containing username:password@ obfuscation Bobby Brown (Jan 27)
- Re: Microsoft's fix for URL containing username:password@ obfuscation Daniel . Capo (Jan 28)
- RE: Microsoft's fix for URL containing username:password@ obfuscation Zach Forsyth (Jan 27)
- Re: Microsoft's fix for URL containing username:password@ obfuscation Cael Abal (Jan 28)
- Re: Microsoft's fix for URL containing username:password@ obfuscation Nick FitzGerald (Jan 28)
- RE: Microsoft's fix for URL containing username:password@ obfuscation Kenton Smith (Jan 28)
- RE: Microsoft's fix for URL containing username:password@ obfuscation Ron DuFresne (Jan 28)
- Re: Microsoft's fix for URL containing username:password@ obfuscation Cael Abal (Jan 28)