From owner-freebsd-security@FreeBSD.ORG Fri Aug 1 11:25:41 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 031FE37B401 for ; Fri, 1 Aug 2003 11:25:41 -0700 (PDT) Received: from pumaman.dyndns.org (isi-dsl-126-137.isis.de [213.128.126.137]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5171E43FD7 for ; Fri, 1 Aug 2003 11:25:35 -0700 (PDT) (envelope-from bjoern.engels@mail.isis.de) Received: from sigma7.bnet ([192.168.103.222]) by pumaman.dyndns.org with esmtp (TLSv1:DES-CBC3-SHA:168) (Exim 3.36 #1) id 19ieai-000JvD-00 for freebsd-security@freebsd.org; Fri, 01 Aug 2003 20:25:24 +0200 From: Bjoern Engels To: freebsd-security@freebsd.org In-Reply-To: References: Content-Type: text/plain Organization: Message-Id: <1059762323.2635.7.camel@sigma7.bnet> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.2.2 (1.2.2-5) Date: 01 Aug 2003 20:25:23 +0200 Content-Transfer-Encoding: 7bit Subject: Re: Wu-ftpd FTP server contains remotely exploitable off-by-one bug X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Aug 2003 18:25:41 -0000 On Thu, 2003-07-31 at 21:19, Robert Watson wrote: > wu-ftpd, unlike many Linux distributions. It's considered a third party > software package, which means it will generally be covered in ports > security notices, as opposed to FreeBSD security advisories. In the past, I haven't seen a single Ports advisory during the last months, what's happened to them? -- Bjoern Engels You know you're doomed when you have to whois your domain registrar ID to find out your own phone number