Bugtraq mailing list archives
Re: Fw: Remote bufferoverflow exploit for ftpd from AIX 4.3.2 running on an RS6000. (power)
From: k.stevenson () LOUISVILLE EDU (Keith Stevenson)
Date: Wed, 29 Sep 1999 16:30:47 -0400
On Wed, Sep 29, 1999 at 01:00:32PM +0100, W.H.J.Pinckaers wrote:
At this time: NO, but please make sure you are vulnerable first, we did discover that this bug is very specific for AIX 4.3.2. (Most other AIX versions aren't vulnerable to this particular bug)
The version of ftpd contained in bos.net.tcp.client v. 4.3.2.7 seems to be vulnerable. A quick check of IBM's software site shows that v. 4.3.2.10 seems to be the latest version of that fileset. I have no idea whether or not it is vulnerable though. Regards, --Keith Stevenson-- -- Keith Stevenson System Programmer - Data Center Services - University of Louisville k.stevenson () louisville edu PGP key fingerprint = 4B 29 A8 95 A8 82 EA A2 29 CE 68 DE FC EE B6 A0
Current thread:
- Re: Fw: Remote bufferoverflow exploit for ftpd from AIX 4.3.2 running on an RS6000. (power) W.H.J.Pinckaers (Sep 29)
- Updated Allaire Security Zone Bulletin and Patch Available Aleph One (Sep 29)
- Re: Fw: Remote bufferoverflow exploit for ftpd from AIX 4.3.2 Bill Pemberton (Sep 29)
- Re: Fw: Remote bufferoverflow exploit for ftpd from AIX 4.3.2 running on an RS6000. (power) Troy A. Bollinger (Sep 29)
- Re: Fw: Remote bufferoverflow exploit for ftpd from AIX 4.3.2 running on an RS6000. (power) Keith Stevenson (Sep 29)