FlashFXP Forums - View Single Post

helenoksen · 11-09-2005, 05:52 PM

'also this week, a security issue was published concerning ioftpd. you can read about the issue at this site. basically ioftpd uses different error messages for an unknown user and an unknown password. you can exploit this to determine whether a username is a valid account on the server. modern server design calls for this information to be hidden.'

Maybe move this info to the regged forum section? Ppl get crazy ideas when reading such things.

Thanks. keep up the good work!

11-09-2005, 05:52 PM
helenoksen Member Join Date: Oct 2005 Posts: 75	'also this week, a security issue was published concerning ioftpd. you can read about the issue at this site. basically ioftpd uses different error messages for an unknown user and an unknown password. you can exploit this to determine whether a username is a valid account on the server. modern server design calls for this information to be hidden.' Maybe move this info to the regged forum section? Ppl get crazy ideas when reading such things. Thanks. keep up the good work!