Full Disclosure mailing list archives
Re: Security issue in Filezilla 3.0.9.2:passwords are stored in plain text (sitemanager.xml)
From: "Joey Mengele" <joey.mengele () hushmail com>
Date: Fri, 18 Apr 2008 16:09:26 -0400
Dear Groff, On Fri, 18 Apr 2008 16:04:29 -0400 "Garrett M. Groff" <groffg () gmgdesign com> wrote:
Per the FileZilla feature page (http://filezilla-project.org/client_features.php): "Supports FTP, FTP over SSL/TLS (FTPS) and SSH File Transfer Protocol (SFTP)" Did you try selecting the option to use FTPS in FileZilla?
If you had been following the thread, you would see that the flaw is actually in the FTP mode of FileZilla, not an FTPS mode. J -- Taking a trip? Click here to compare hotel rates and find a great deal. http://tagline.hushmail.com/fc/Ioyw6h4eRCkl2WuOJ13amA9b6PG4ox7XnOrifzLIfVx075ekFnBHMM/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Security issue in Filezilla 3.0.9.2:passwords are stored in plain text (sitemanager.xml) Joey Mengele (Apr 18)
- Re: Security issue in Filezilla 3.0.9.2:passwords are stored in plain text (sitemanager.xml) Garrett M. Groff (Apr 18)
- Re: Security issue in Filezilla 3.0.9.2:passwords are stored in plain text (sitemanager.xml) Valdis . Kletnieks (Apr 18)
- <Possible follow-ups>
- Re: Security issue in Filezilla 3.0.9.2:passwords are stored in plain text (sitemanager.xml) Joey Mengele (Apr 18)
- Re: Security issue in Filezilla 3.0.9.2:passwords are stored in plain text (sitemanager.xml) Joey Mengele (Apr 18)
- Re: Security issue in Filezilla 3.0.9.2:passwords are stored in plain text (sitemanager.xml) Valdis . Kletnieks (Apr 18)
- Re: Security issue in Filezilla 3.0.9.2:passwords are stored in plain text (sitemanager.xml) Joey Mengele (Apr 18)
- Re: Security issue in Filezilla 3.0.9.2:passwordsare stored in plain text (sitemanager.xml) Garrett M. Groff (Apr 18)