iptables w/2.4 kernels
I heard about this today. Has anyone had a chance to look at it
and determine if its possible to compromise a host that is
running proftpd server and using netfilters with iptables under the 2.4.3
i.e. Firewall script running on same box as ftp server...
I don't see how this can be done if the ftp server doesn't support anonymous
Please check out http://www.tempest.com.br/advisories/01-2001.html#1
The site seems to be having problems. Took me a bit to get it to come up but
it is a good read.
University of Kentucky