2004. április 10. 18:09 dátummal sciencewhiz@juno.com ezt írta: > Proftp was vulnerable to this one: > http://www.kb.cert.org/vuls/id/405348 but I don't consider it a high > risk, because someone would have to upload the file. The passwords > were reasonably secure. > Hi! I am just curious, that if my proftpd runs as user 'ftp', than the one who uses this vulnerability could only run arbitrary code as user ftp, or as root? Thanks! Daniel -- LeVA