Security Incidents mailing list archives
Re: ftpd: the advisory version
From: aleph1 () SECURITYFOCUS COM (Elias Levy)
Date: Thu, 6 Jul 2000 10:19:17 -0700
Date: Wed, 5 Jul 2000 22:13:21 +0100 From: David Malone <dwmalone () maths tcd ie> To: Ron DuFresne <dufresne () WINTERNET COM> Cc: BUGTRAQ () SECURITYFOCUS COM Subject: Re: ftpd: the advisory version Message-ID: <20000705221321.A60535 () walton maths tcd ie> References: <Pine.GSO.4.05.10007031512580.12698-100000 () tundra winternet com> On Mon, Jul 03, 2000 at 03:14:34PM -0500, Ron DuFresne wrote:
While others are stating no noticed increase in scans and attempts to exploit this newfound root shell, we are seeing some evidence of such attempts these last few days.
I've seen two scans of our subnets recently, one a few days before the problem was announced on bugtraq and one a few days after. The scans just seemed to connect and go away again, so I presume they were just collecting ftpd banners. David.
Current thread:
- Re: ftpd: the advisory version Elias Levy (Jul 06)
- <Possible follow-ups>
- Re: ftpd: the advisory version Elias Levy (Jul 06)
- Re: ftpd: the advisory version David Knaack (Jul 06)
- Re: ftpd: the advisory version Ben Laws (Jul 07)
- Re: ftpd: the advisory version Elias Levy (Jul 06)