FlashFXP Forums - View Single Post

bigstar · 08-02-2004, 04:22 PM

This was a security vulnerability in v2.1. By not checking the fingerprint on the data channel it's possible for a middle man attack.

This issue was addressed in v3.0, If the finger print on the data channel does not match the control connection we reject the connection and display a warning.

For the sake of security and peace of mind of the user we decided to enforce this rule. Currently this cannot be disabled.

08-02-2004, 04:22 PM
bigstar FlashFXP Developer Join Date: Oct 2001 Posts: 8,012	This was a security vulnerability in v2.1. By not checking the fingerprint on the data channel it's possible for a middle man attack. This issue was addressed in v3.0, If the finger print on the data channel does not match the control connection we reject the connection and display a warning. For the sake of security and peace of mind of the user we decided to enforce this rule. Currently this cannot be disabled.