Date: Thu, 9 Sep 1999 16:22:55 +0300 From: Ruslan Ermilov <ru@ucb.crimea.ua> To: Bill Fink <bill@billfink.com> Cc: security@FreeBSD.ORG Subject: Re: FTP Vulnerability Message-ID: <19990909162255.A15548@relay.ucb.crimea.ua> In-Reply-To: <51D35DCFD7B0D21189440040333985C0013853@exchange1.billfink.com.247.64.63.IN-ADDR.ARPA>; from Bill Fink on Thu, Sep 09, 1999 at 09:03:01AM -0400 References: <51D35DCFD7B0D21189440040333985C0013853@exchange1.billfink.com.247.64.63.IN-ADDR.ARPA>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Sep 09, 1999 at 09:03:01AM -0400, Bill Fink wrote: > > > I truly apologize, I trust I'm overlooking something here. > > The advisory below states: > > >> Upgrade your wu-ftpd or proftpd > >> ports to the most recent versions > >> (any version after August 30, 1999 > >> is not impacted by this problem). > > I've visited the mirrors for the WUFTP site(s) looking for the versions > "after August 30" and there's NOTHING newer than MAY. > The versions we are talking about refer to the FreeBSD ports collection. Port of wu-ftpd (/usr/ports/net/wu-ftpd) has been upgraded to apply the following patch: ftp://ftp.wu-ftpd.org/pub/wu-ftpd/quickfixes/apply_to_2.5.0/mapped.path.overrun.patch Cheers, -- Ruslan Ermilov Sysadmin and DBA of the ru@ucb.crimea.ua United Commercial Bank, ru@FreeBSD.org FreeBSD committer, +380.652.247.647 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990909162255.A15548>