Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1999_1

Bugtraq archives for 1st quarter (Jan-Mar) 1999: Re: [proftpd-l] root compromise ? (fwd)

Re: [proftpd-l] root compromise ? (fwd)

Nic Bellamy (skyWIBBLE.NET)
Mon, 15 Feb 1999 20:36:33 +1300

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Haze: "Possible Netscape Crypto Security Flaw"
Previous message: Wichert Akkerman: "[SECURITY] New versions of cfengine fixes symlink attack"
In reply to: Dirk Moerenhout: "Re: [proftpd-l] root compromise ? (fwd)"

On Sun, 14 Feb 1999, Dirk Moerenhout wrote:

> Proftpd 1.2.0pre1 is not patched. If it is, then it is very weird that
> there is a patch on the ftp-site for this problem.

ProFTPd 1.2.0pre2 is available from ftp://ftp.proftpd.org/distrib/ - it
fixes this particular problem, and a few others (including a memory leak
when doing `ls -lR' that could have easily been used as a DoS attack).

So, forget the patches, just upgrade :-)

Regards,
	Nic.

#include ".signature"

Next message: Haze: "Possible Netscape Crypto Security Flaw"
Previous message: Wichert Akkerman: "[SECURITY] New versions of cfengine fixes symlink attack"
In reply to: Dirk Moerenhout: "Re: [proftpd-l] root compromise ? (fwd)"