From owner-freebsd-security  Thu Sep  9 16:16:39 1999
Delivered-To: freebsd-security@freebsd.org
Received: from kinetic.tiora.net (kinetic.tiora.net [206.251.130.15])
	by hub.freebsd.org (Postfix) with ESMTP id 6CF2014F0C
	for <security@FreeBSD.ORG>; Thu,  9 Sep 1999 16:16:32 -0700 (PDT)
	(envelope-from liam@kinetic.tiora.net)
Received: from localhost (liam@localhost)
	by kinetic.tiora.net (8.9.3/8.9.3) with ESMTP id QAA17930;
	Thu, 9 Sep 1999 16:14:33 -0700 (PDT)
Date: Thu, 9 Sep 1999 16:14:33 -0700 (PDT)
From: Liam Slusser <liam@tiora.net>
To: Warner Losh <imp@village.org>
Cc: "Rashid N. Achilov" <shelton@sentry.granch.ru>,
	Ruslan Ermilov <ru@ucb.crimea.ua>, Bill Fink <bill@billfink.com>,
	security@FreeBSD.ORG, support@tiora.net
Subject: Re: FTP Vulnerability 
In-Reply-To: <199909091911.NAA30736@harmony.village.org>
Message-ID: <Pine.GSO.4.05.9909091608130.17462-100000@kinetic.tiora.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


Does anybody know if BeroFTPD version 1.1.14 is Vulnerable?  I know i need
to update to a newer version one of these days...is this one of these
days?

*grin*

liam

System Administrator Tiora Networks | www.tiora.net <---- tiora's webpage
www.tiora.net/~liam <----- homepage | liam@tiora.net <-- my email address
Lowered turbo powered Honda Civic's are really cool. <---------- my quote

On Thu, 9 Sep 1999, Warner Losh wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> In message <Pine.BSF.4.10.9909092051490.59511-100000@sentry.granch.ru> "Rashid N. Achilov" writes:
> : On Thu, 9 Sep 1999, Ruslan Ermilov wrote:
> : 
> : > > I've visited the mirrors for the WUFTP site(s) looking for the versions
> : > > "after August 30" and there's NOTHING newer than MAY.
> : > > 
> : > The versions we are talking about refer to the FreeBSD ports collection.
> : > Port of wu-ftpd (/usr/ports/net/wu-ftpd) has been upgraded to apply the
> : > following patch:
> : > 
> : > ftp://ftp.wu-ftpd.org/pub/wu-ftpd/quickfixes/apply_to_2.5.0/mapped.path.overrun.patch
> : 
> : On this site mapped.overrun... dated August,24.
> : In ports tree in patches subdir newest patch dated April,7 :-)
> 
> The port updated its Makefile on or about August 30 to start using the
> mapped.path.overrun.patch file.
> 
> Warner
> 
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.3ia
> Charset: noconv
> Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface
> 
> iQCVAwUBN9gGaVUuHi5z0oilAQFriwP/YpVRzMxETgfXlqO70EDhQQ1lQz0aOIR5
> JphalepZzWAWW5/8PD61K5URzt2YcRwH5HXXQrnEwE8pqOGfH2RndDIV9jKc90NY
> CXyEX9c2HYt2W207eei/agi/2fC/Q5kITP3k0CiPtw6YaNUWinpY5WNlWwM982Ep
> VROBnv7mXoE=
> =xto7
> -----END PGP SIGNATURE-----
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message