Bugtraq mailing list archives
Re: Netect Advisory: palmetto.ftpd - remote root overflow
From: bugtraq () ANKH SAMIAM ORG (bugtraq mailing list account)
Date: Tue, 9 Feb 1999 16:09:08 -0800
I would like to thank Jordan for making this information public, and making available pointers to updated versions of ftpd that do not have these problems. Since I did not find a RedHat-4.2 compatible RPM of the latest "vr" release of wu-ftpd, I took the libery of making an updated ftpd RPM myself. This is a "quick and dirty" RPM, and does not, AFAIK, properly use PAM, and assumes that you are using a standard shadowed system. One advantage of this version of ftpd, in addition to fixing the long directory problem, is that /etc/ftpaccess actually works. RPMs of wu-ftpd-beta18-VR13 here: http://www.samiam.org/blackdragon Hopefully, RedHat will have some more PAM-friendly RPMs available soon for both 5.2 and 4.2 systems. - Sam
Current thread:
- FakeBo 0.3.1 & nmap, (continued)
- FakeBo 0.3.1 & nmap Michael (Feb 08)
- Spoofed Yahoo web site - www.yaho.co.uk Paul Murphy (Feb 08)
- Re: Spoofed Yahoo web site - www.yaho.co.uk Paul McGovern (Feb 09)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Christopher Masto (Feb 08)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 09)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Darren Reed (Feb 10)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 10)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Darren Reed (Feb 12)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Darren Reed (Feb 10)
- NetApp Filer software versions 5.x: potential hardware killer Jason Downs (Feb 10)
- Netect Advisory: palmetto.ftpd - remote root overflow Jordan Ritter (Feb 09)
- Re: Netect Advisory: palmetto.ftpd - remote root overflow bugtraq mailing list account (Feb 09)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Mr. joej (Feb 08)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 09)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Casper Dik (Feb 09)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 10)
- sl0scan (ambiguous source portscanner) miff (Feb 09)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 09)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Darren Reed (Feb 10)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Joel Eriksson (Feb 12)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Randy Taylor (Feb 10)