|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Michael Osten (mosten_at_bleepyou.com)
Date: Wed Sep 11 2002 - 23:29:25 CDT
On Wed, 11 Sep 2002, Ver Allan Sumabat wrote:
> we used linux 2.4.7-10. we only opened ports 21 (ftp),
> 22 (ssh), and 443 (https).
>
> 21 - wu-ftpd-2.6.1-20
> 22 - openssh-3.1
take your pick, both of these have remote root exploits. Both were
widely reported. A simple google search would have told you that.
wu-ftpd (why does anyone run this piece of crap, is it possible that they
will have a remote root exploit for EVERY release?)
The current release is 2.6.2
ftp://ftp.wu-ftpd.org/pub/wu-ftpd-attic/cert.org/CA-2001-33
May I suggest NcFTPD?
OpenSSH-3.1
http://online.securityfocus.com/bid/5093
Could I make a suggestion? Stay current on patches.
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]