Re: wu-ftp vulnerability

To: "Greg Wiley" <greg@orthogony.com>
Cc: <debian-user@lists.debian.org>
Subject: Re: wu-ftp vulnerability
From: John Griffiths <john@capmon.com>
Date: Thu, 29 Nov 2001 12:35:13 +1100
Message-id: <[🔎] 3.0.5.32.20011129123513.039df330@mailhost.capmon.com>
In-reply-to: <[🔎] 000d01c17874$61a00120$0464b10a@orthogony.net>

At 05:22 PM 11/28/01 -0800, Greg Wiley wrote:
>According to /., wu-ftp has a vulnerability that
>allows root access to files. Check out:
>
>http://www.securityfocus.com/archive/1/242750
>
>Debian 2.2 is on the list.
>
>Apologies if this has been discussed already.
>

Apparently the maintainer is working on it slashdot 
has picked up the story so world+dog is no aware of it.

Does this effect wu-ftpd's that don't allow anonymous access?

i.e. if only user's can log on, and I trust my users, can 
I stop stressing about it until the fixed version is available?

John

Reply to:

Follow-Ups:
- KDE Two questions
  - From: Xeno Campanoli <xeno@eskimo.com>
- Re: wu-ftp vulnerability
  - From: greg@orthogony.com

References:
- wu-ftp vulnerability
  - From: "Greg Wiley" <greg@orthogony.com>

Prev by Date: wu-ftp vulnerability
Next by Date: Re: Kmail problems - please reply offlist
Previous by thread: wu-ftp vulnerability
Next by thread: KDE Two questions
Index(es):
- Date
- Thread