Full Disclosure mailing list archives
Re: MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability
From: Mark Lowes <hamster () proftpd org>
Date: Mon, 29 Sep 2003 10:18:50 +0100
On Sat, 2003-09-27 at 13:23, Jedi/Sector One wrote:
Forget the previous mail, I've messed up different versions. 1.2.6 is ok, sorry.
As far as we're aware the faulty code was introduced in 1.2.7rc1 so to
the best of our knowledge code earlier than that is not vulnerable (if
anyone has other information please email security () proftpd org and we'll
be on it).
Mark
--
Mark Lowes <hamster () proftpd org>
http://www.proftpd.org/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability Mandrake Linux Security Team (Sep 26)
- Re: MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability Jedi/Sector One (Sep 27)
- Re: MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability Jedi/Sector One (Sep 27)
- Re: MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability Mark Lowes (Sep 29)
- Re: MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability Jedi/Sector One (Sep 27)
- Re: MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability Jedi/Sector One (Sep 27)