From owner-freebsd-security Fri Dec 1 2:58: 9 2000 Delivered-To: freebsd-security@freebsd.org Received: from guardian.hermes.si (guardian.hermes.si [193.77.5.150]) by hub.freebsd.org (Postfix) with ESMTP id BFAEE37B401 for ; Fri, 1 Dec 2000 02:58:03 -0800 (PST) Received: from hermes.si (primus.hermes.si [193.77.5.98]) by guardian.hermes.si (8.9.3/8.9.3) with ESMTP id LAA03082; Fri, 1 Dec 2000 11:57:36 +0100 (MET) Received: (from uucp@localhost) by hermes.si (8.9.3/8.9.3) id LAA26374; Fri, 1 Dec 2000 11:57:32 +0100 Received: from hal9000.hermes.si(10.17.5.136) by primus.hermes.si via smap (V2.1) id xma025361; Fri, 1 Dec 00 11:56:20 +0100 Received: by hal9000.hermes.si with Internet Mail Service (5.5.2650.21) id ; Fri, 1 Dec 2000 11:56:20 +0100 Message-ID: From: Matjaz Martincic To: "'Nevermind'" Cc: freebsd-security@FreeBSD.ORG Subject: RE: Important!! Vulnerability in standard ftpd Date: Fri, 1 Dec 2000 11:56:20 +0100 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi Alexandr, >No, I had only trusted non-anonymous ftp accounts. And sure, very-trusted shell >accounts. All of them have full sudo, but all of us were using only ssh, >telnetd was closed, noone accessed to non-anonymous ftp from outside network. Well, that seems like a problem then. What release were(are) you using when you find out that you've been compromised? Matjaz To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message