Re: ProFTPD still vulnerable (Sarge)
On Thu, 30 Nov 2006 07:28:53 +0100, Lupe Christoph wrote:
> The attacks ceased before I noticed, so I was not able to capture a TCP
> stream. I would just like to alert people that there is still some
> vulnerability in the ProFTPD code that was not fixed by DSA-1218-1.
Indeed, see <http://idssi.enyo.de/tracker/CVE-2006-5815> and
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=399070>. I guess an
update is in the works somewhere. :)
--
Sam Morris
http://robots.org.uk/
PGP key id 1024D/5EA01078
3412 EA18 1277 354B 991B C869 B219 7FDB 5EA0 1078
Reply to: