Full Disclosure mailing list archives
Re: Security issue in Filezilla 3.0.9.2:passwordsare stored in plain text (sitemanager.xml)
From: "Joey Mengele" <joey.mengele () hushmail com>
Date: Mon, 21 Apr 2008 12:04:41 -0400
Groffg, I think you are mistaken. Perhaps you have an outdated version of the document in question? J On Fri, 18 Apr 2008 16:58:07 -0400 "Garrett M. Groff" <groffg () gmgdesign com> wrote:
Joey, are you certain that you're looking at RFC 959? There is no 4.3.3 section in RFC 959. - G ----- Original Message ----- From: "Joey Mengele" <joey.mengele () hushmail com> To: <joey.mengele () hushmail com>; <valdis.kletnieks () vt edu> Cc: <full-disclosure () lists grok org uk> Sent: Friday, April 18, 2008 4:26 PM Subject: Re: [Full-disclosure] Security issue in Filezilla 3.0.9.2:passwordsare stored in plain text (sitemanager.xml)Valdis, On Fri, 18 Apr 2008 16:24:13 -0400 Valdis.Kletnieks () vt eduwrote:3.4.3. COMPRESSED MODE There are three kinds of information to be sent:regulardata, sent in a byte string; compressed data, consisting of replications or filler; and control information, sentina two-byte escape sequence. If n>0 bytes (up to 127) of regular data are sent, these n bytes are preceded by a bytewiththe left-most bit set to 0 and the right-most 7 bits containing the number n. If you think run-length-encoding compression is security, you're even less clued than I thought.My mistake, I meant 4.3.3. J -- Click here for the latest quotes on bankruptcy refinancing!http://tagline.hushmail.com/fc/Ioyw6h4fRnroSLsvHrCYtJ9JDLtdNw4IP7N4 gbgWgeI5CYmB23TeUw/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-- Cheap Diet Help Tips. Click here. http://tagline.hushmail.com/fc/Ioyw6h4exXztrH7T7dHwpPcqZ7V0k15LYuUwAduIP8Miv2xFtcdc7m/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Security issue in Filezilla 3.0.9.2:passwordsare stored in plain text (sitemanager.xml) Joey Mengele (Apr 21)
- Re: Security issue in Filezilla 3.0.9.2:passwordsare stored in plain text (sitemanager.xml) Valdis . Kletnieks (Apr 21)
- Re: Security issue in Filezilla 3.0.9.2:passwordsare stored in plain text (sitemanager.xml) Micheal Cottingham (Apr 21)
- Re: Security issue in Filezilla 3.0.9.2:passwordsare stored in plain text (sitemanager.xml) Valdis . Kletnieks (Apr 21)
- <Possible follow-ups>
- Re: Security issue in Filezilla 3.0.9.2:passwordsare stored in plain text (sitemanager.xml) Joey Mengele (Apr 21)
- Re: Security issue in Filezilla 3.0.9.2:passwordsare stored in plain text (sitemanager.xml) Valdis . Kletnieks (Apr 21)
- Re: Security issue in Filezilla 3.0.9.2:passwordsare stored in plain text (sitemanager.xml) Andrew Farmer (Apr 21)
- Re: Security issue in Filezilla 3.0.9.2:passwordsare stored in plain text (sitemanager.xml) Valdis . Kletnieks (Apr 21)
- Re: Security issue in Filezilla 3.0.9.2:passwordsare stored in plain text (sitemanager.xml) Valdis . Kletnieks (Apr 21)