Full Disclosure mailing list archives
Re: MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability
From: Jedi/Sector One <j () pureftpd org>
Date: Sat, 27 Sep 2003 12:24:47 +0159
On Fri, Sep 26, 2003 at 10:50:02PM -0000, Mandrake Linux Security Team wrote:
The problematic code first appeared in ProFTPD 1.2.7rc1, and the provided packages are all patched by the ProFTPD team to protect against this vulnerability.
Uh?
The bug can at least be triggered on version 1.2.6 as well.
--
Let internet explore your host
http://www.pivx.com/larholm/unpatched/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability Mandrake Linux Security Team (Sep 26)
- Re: MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability Jedi/Sector One (Sep 27)
- Re: MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability Jedi/Sector One (Sep 27)
- Re: MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability Mark Lowes (Sep 29)
- Re: MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability Jedi/Sector One (Sep 27)
- Re: MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability Jedi/Sector One (Sep 27)