Subj : Re: session pw revealed in crash/direct
To   : All
From : Gunter
Date : Mon May 08 2023 22:19:00

From: Gunter <gunter.sandner@googlemail.com>

Hallo Martin!

> After a bit of poking around in my own setup here and sending a couple
> of crash netmails, it appears that OpenXP is writing the Primary Fido
> Server packet password to ALL crash netmails, regardless of where they
> are destined. In other words, OpenXP is not revealing the BossNode
> session password, it is revealing the BossNode packet password which, of
> course, is just as bad and it should NOT be doing this.

Ok, I'll have a look at it.
Thanks for testing !!!


Ciao
Gunter

--- 
 * Origin: rbb.fidonet.fi - the fidonet nntp junction (2:221/10)

.