Results 1 to 2 of 2

Thread: how to patch ws_ftp.ini bug

  1. #1
    Junior Member
    Join Date
    Oct 2002

    how to patch ws_ftp.ini bug

    i was scanning my college site for vunerabilities.i just found a bug named ws_ftp.ini.it has all the passwords of the site.how do help the admin to fix the bug.how do i patch it.plz help me bcoz i wanto help my college site admin.
    N E T d0CT0r

  2. #2
    Senior Member
    Join Date
    Jun 2002
    I found an exploit here which takes advantage of the poor encryption on the ws_ftp.ini file (very old exploit). It seems that the problem is that admins store the file in a public location which people can access easily, and malicious users can then download and decrypt the file. If this is the problem/exploit you are talking about, I think you could help out your admins by just telling them to store the file in a restricted location so that not everyone can access it.


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts