Opened 18 years ago
Last modified 9 years ago
#938 closed Bug report
FileZilla weakly-encrypted password vulnerability (?)
|Reported by:||xtejclbtmt||Owned by:|
|Keywords:||Cc:||xtejclbtmt, Tim Kosse|
|Component version:||Operating system type:|
|Operating system version:|
..I didn't see any news or other information on the SF
site, so I'm forwarding this for the developers:
I'm not a programmer/coder so I couldn't check the POC
for myself, but I wanted to pass this on to the
developers of Filezilla.
p.s.: Great app, besides all this. Keep Coding!
Change History (2)
Note: See TracTickets for help on using tickets.
It's not a vulnerability it's by design. Every single
program which can store passwords transparently is affected
by this problem. Every single webbrowser, every single
e-mail client and every single ftp client including
FileZilla, on every single operation system.
Think about it, there's no way to transparently store
passwords in a secure way.