Bugtraq mailing list archives
FTPXQ default install read/write capabilities
From: "Brice Carlson" <tuck167 () hotmail com>
Date: Tue, 18 Dec 2001 22:58:02 -0500
FTPXQ default install read/write capabilities by Brice Carlson **** System **** ftpXQ by www.datawizard.net **** Problem ****Upon default setup. Through anonymous and through the user name and pass of test you have read/write capabilities to drive c:
**** Vendor Notification Date. **** December 4, 2001 **** Vendor Response to email. ****Hi Brice, Yes, those IDs are configured by default to have access for the C:\ drive for the purpose of an administrator testing the server. We assume that every responsible administrator will run the server first in a test environment, and not in a production setting, or on an IP that is exposed to the internet. Administrators should obviously change the access for both of these accounts and/or change the User IDs before putting it into a production environment. As a result of your email however, we will change the default access for the anonymous user to be read only, as well as post a message at the end of the install noting the default access for the test users. Sincerely, Rahim
Rahim Mawji Director, Applications Development DataWizard Technologies Phone: (416) 385-9741, x1013 Fax: (416) 385-9784 rmawji () datawizard net www.datawizard.net ---end vendor response **** Enough Said! **** -- Brice Carlson -- tuck167 () hotmail com _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp.
Current thread:
- FTPXQ default install read/write capabilities Brice Carlson (Dec 18)