Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Security issue in Filezilla stored in plain text (sitemanager.xml)
From: "Joey Mengele" <joey.mengele () hushmail com>
Date: Mon, 21 Apr 2008 15:46:42 -0400


On Mon, 21 Apr 2008 15:43:57 -0400 Valdis.Kletnieks () vt edu wrote:
On Mon, 21 Apr 2008 15:04:19 EDT, Joey Mengele said:

Exactly, I was talking about the RFC that supersedes that 
particular RFC. 

0959 File Transfer Protocol. J. Postel, J. Reynolds. October 1985.
    (Format: TXT=147316 bytes) (Obsoletes RFC0765) (Updated by 
    RFC2640, RFC2773, RFC3659) (Also STD0009) (Status: STANDARD)

RFC2228 is in fact about a security extension to FTP - 
unfortunately, section
4 of it does not have any subsections, so there is no 4.4.3.

RFC2640 is about internationalization of FTP, and has sections 
4.3, 4.3.1,
and then 5.  No 4.4.3 to be found.

RFC2773 is about encryption using SKIPJACK, but it goes from 4.0 
to 5.0
with no intervening 4.4.3.

RFC3659 is about FTP extensions, but unfortunately section 4 is 
about the
SIZE extension, and has a 4.4 but no 4.4.3 subsection.

So which RFC were you talking about?

I don't have time to hold your hand through this, some of us have 
jobs to do other than posting RFC titles on Internet mailing lists.

Hint: When you find you've dug yourself into a hole, it's usually 
not a
good idea to keep digging...

I think you have demonstrated this for everyone. Perhaps now we can 
close this thread. Or do you intend to continue your hijack?


Ultimate Travel Deals - Click Now!

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]