[15504] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Problems with FTGate

daemon@ATHENA.MIT.EDU (Andrew Lewis)
Tue Jun 27 19:00:54 2000

Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id:  <Pine.BSF.4.10.10006262019340.87758-100000@unix.za.net>
Date:         Mon, 26 Jun 2000 20:23:08 +0200
Reply-To: Andrew Lewis <wizdumb@UNIX.ZA.NET>
From: Andrew Lewis <wizdumb@UNIX.ZA.NET>
To: BUGTRAQ@SECURITYFOCUS.COM

The Problem:
------------
FTGate's POP3 server responds to invalid USER requests with a -ERR code
and doesn't disconnect you. This means that it is possible to bruteforce
usernames and passwords with ease.

Credit:
-------
Andrew Lewis aka. Wizdumb, One of the many losers from the MDMA crew
<www.mdma.za.net>


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[15504] in bugtraq

Problems with FTGate

daemon@ATHENA.MIT.EDU (Andrew Lewis)Tue Jun 27 19:00:54 2000

daemon@ATHENA.MIT.EDU (Andrew Lewis)
Tue Jun 27 19:00:54 2000