Go Back   FlashFXP Forums > > > >

General Discuss anything and everything related to FlashFXP

 
 
Thread Tools Display Modes
Old 10-24-2002, 08:53 PM   #1
bigstar
FlashFXP Developer
FlashFXP Administrator
ioFTPD Beta Tester
 
bigstar's Avatar
 
Join Date: Oct 2001
Posts: 8,012
Default FlashFXP v1.4 - FlashFXP Local Password Disclosure Vulnerability

This problem seems to be getting a lot of attention lately so I thought I should clarify exactly what this means.

v1.4 had a feature that allowed you to edit queue items, due to the way the quick connect was designed there was no simple way to edit the site ip/login/pass, so I made it simple for the user and displayed this information in plain text on the queue item edit dialog. Only sites connected to via the quick connect displayed the login/password.

In v2.0 the quick connect was redone and this problem was eliminated.

FlashFXP Local Password Disclosure Vulnerability
http://www.securiteam.com/windowsntf...C00P0U5PE.html

RUMORS
As a result of misinformation or speculation, some rumors have come about stating that this problem results in sharing all of your hard drives with no password. Which is incorrect.
bigstar is offline  
Old 11-06-2002, 05:54 AM   #2
NathanO
Senior Member
FlashFXP Registered User
 
NathanO's Avatar
 
Join Date: May 2002
Posts: 126
Default

Who the f!ck starts these rumours!
NathanO is offline  
 

Tags
connect, edit, flashfxp, password, quick

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 08:35 AM.

Parts of this site powered by vBulletin Mods & Addons from DragonByte Technologies Ltd. (Details)