[15796] in bugtraq
Re: Security hole in Win2K's FTP server
daemon@ATHENA.MIT.EDU (Bob Kline)
Mon Jul 17 13:41:51 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.10.10007142147310.21988-100000@rksystems.com>
Date: Fri, 14 Jul 2000 22:03:45 -0400
Reply-To: Bob Kline <bkline@RKSYSTEMS.COM>
From: Bob Kline <bkline@RKSYSTEMS.COM>
X-To: Ben Greenbaum <bgreenbaum@securityfocus.com>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.GSO.4.21.0007141554200.104-100000@mail>
On Fri, 14 Jul 2000, Ben Greenbaum wrote:
> However, it is documented and works as intended, so I don't think it
> can be considered a bug.
Perhaps, depending on how much you want to distinguish security
deficiencies from bugs, and whether you consider the online help
(providing detailed instructions for a security feature which does
*not* work) to be part of the documentation. My own view is that
when a software product does not behave as described by the
instructions which accompany it, that is a bug.
--
Bob Kline
mailto:bkline@rksystems.com
http://www.rksystems.com
