From owner-freebsd-security Tue Feb 16 01:13:28 1999 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id BAA25098 for freebsd-security-outgoing; Tue, 16 Feb 1999 01:13:28 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from aniwa.sky (p36-max5.wlg.ihug.co.nz [202.49.241.36]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id BAA25093 for ; Tue, 16 Feb 1999 01:13:25 -0800 (PST) (envelope-from andrew@squiz.co.nz) Received: from aniwa.sky (localhost [127.0.0.1]) by aniwa.sky (8.9.1a/8.9.1) with ESMTP id WAA17654; Tue, 16 Feb 1999 22:13:02 +1300 (NZDT) Message-Id: <199902160913.WAA17654@aniwa.sky> X-Mailer: exmh version 2.0.2 2/24/98 To: cjclark@home.com cc: freebsd-security@FreeBSD.ORG Subject: Re: CA-99-03-FTP-Buffer-Overflows In-reply-to: Your message of "Mon, 15 Feb 1999 22:13:07 CDT." <199902160313.WAA29938@cc942873-a.ewndsr1.nj.home.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Tue, 16 Feb 1999 22:13:02 +1300 From: Andrew McNaughton Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > See, > > http://www.cert.org/advisories/CA-99-03-FTP-Buffer-Overflows.html > > For the full text. > > Is FreeBSD vunerable? I hope that this, > > > % NetBSD > > > > % NetBSD All versions ARE NOT vulnerable. > > Implies FreeBSD is neither. I know FreeBSD and NetBSD use the same > ftp, but ftpd? Just looking for verification. Thanks. I found it rather curious that FreeBSD's ftpd was not mentioned. Particularly as the PGP signature's version ID said FreeBSD was used, implying that it would have been around for testing. Andrew McNaughton To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message