Re: proftpd exploit
On Friday 26 September 2003 09:33, mimo wrote:
> I have just discovered this exploit report but couldn't find anything
> about other distros than Slackware
> http://proftpd.linux.co.uk/index.html
> Does anybody know if the Debian version is affected too?
You should always take a look at bug reports if you're worried about a
security issue. Here's the bug report on this for Debian:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=212416
According to the bug report, woody is not vulnerable. ISS says that versions
1.2.7 through 1.2.9rc2 (and possibly versions prior to 1.2.7) are vulnerable.
I suspect that someone somewhere has since tested earlier versions (woody runs
a patched 1.2.4) and decided that those versions are not vulnerable. It
would be nice if the bug report noted on what evidence stable is not
affected.
> All I could think of for the moment was disabling downloading via FTP
> globally. Any ideas?
Yes, it sounds like denying either uploads or downloads would have saved you.
--
Fraser Campbell <fraser@wehave.net> http://www.wehave.net/
Halton Hills, Ontario, Canada Debian GNU/Linux