Re: FTP servers and security help
Well, if it was released in the last two weeks or so, then thats the one! :)
On Sun, Sep 05, 1999 at 08:48:49PM -0500, Brad wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> On Sun, 5 Sep 1999, Seth R Arnold wrote:
> > Paul, stay away from wu_ftpd. It might be a wonderful piece of software, it
> > might do many things -- but it seems half the unix traffic on bugtraq is due
> > to buffer overflows in wu_ftpd. A security hole was found in proftpd
> > recently, but the patch (on bugtraq) is a one-line fix -- so I imagine the
> > debian maintainer will have a patch out soon, if not already -- if you don't
> > want to deal with compiling your own server.
> - From the changelog </usr/share/doc/proftpd/changelog.Debian.gz>
> proftpd (1.2.0pre4-1) unstable; urgency=high
> * New upstream version, fixing remote root exploit.
> i _think_ this means the patch has already been applied and uploaded.
> - --
> finger for PGP public key.
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.3ia
> Charset: noconv
> -----END PGP SIGNATURE-----
Seth Arnold | http://www.willamette.edu/~sarnold/
Hate spam? See http://maps.vix.com/rbl/ for help
Hi! I'm a .signature virus! Copy me into
your ~/.signature to help me spread!