Results 1 to 2 of 2

Thread: how to patch ws_ftp.ini bug

  1. October 14th, 2002, 10:29 AM #1
    netdoctor
    netdoctor is offline
    Junior Member
    Join Date
    Oct 2002
    Posts
    2

    how to patch ws_ftp.ini bug

    i was scanning my college site for vunerabilities.i just found a bug named ws_ftp.ini.it has all the passwords of the site.how do help the admin to fix the bug.how do i patch it.plz help me bcoz i wanto help my college site admin.
    N E T d0CT0r
    Reply With Quote Reply With Quote
  2. October 14th, 2002, 10:50 AM #2
    powertoad5000
    powertoad5000 is offline
    Senior Member
    Join Date
    Jun 2002
    Posts
    405
    I found an exploit here which takes advantage of the poor encryption on the ws_ftp.ini file (very old exploit). It seems that the problem is that admins store the file in a public location which people can access easily, and malicious users can then download and decrypt the file. If this is the problem/exploit you are talking about, I think you could help out your admins by just telling them to store the file in a restricted location so that not everyone can access it.

    -toad
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules