Date: Wed, 23 May 2001 10:04:48 +0600 From: "Sergey N. Voronkov" <serg@tmn.ru> To: Kris Kennaway <kris@obsecurity.org> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Is there a ftp vuln in 4.3-STABLE Message-ID: <20010523100448.A15088@sv.tech.sibitex.tmn.ru> In-Reply-To: <20010522193952.A33978@xor.obsecurity.org>; from kris@obsecurity.org on Tue, May 22, 2001 at 07:39:52PM -0700 References: <000501c0e316$7deb4450$45d8db40@mhx800> <Pine.BSF.4.32.0105222026040.1300-100000@magnetar.blackhatnetworks.com> <20010522193952.A33978@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, May 22, 2001 at 07:39:52PM -0700, Kris Kennaway wrote: > On Tue, May 22, 2001 at 08:26:29PM -0400, Alex wrote: > > Is this a FreeBSD specific FTP vulnerability? > > > > -Alex > > > > On Tue, 22 May 2001, Ryan wrote: > > > > > There is an ftp vuln... I do not have any details on it sorry.. Some kinda > > > overflow.. I would run proftpd > > No-one has informed the security-officer about any new vulnerability > in FreeBSD (or for that matter, about third party ftpd ports). It's > probably worthwhile not flying into a panic until someone actually > provides some corroborating evidence. > When I'v found this staff in my logfiles I'v change native ftpd to luke's one. Sorry, can't get core to you... And don't want to setup native daemon to provide potential hole to someone. May 16 15:50:34 ftp /kernel: pid 5272 (ftpd), uid 14: exited on signal 11 May 17 21:02:20 ftp /kernel: pid 11157 (ftpd), uid 14: exited on signal 11 Also I have one questtion: how to setup ftpd to allow it dumping core to specified destination? Bye, Serg N. Voronkov To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010523100448.A15088>