Date: Fri, 30 Nov 2001 11:11:38 +0100 From: Krzysztof Zaraska <kzaraska@student.uci.agh.edu.pl> To: "Konrad Heuer" <kheuer@gwdu60.gwdg.de> Cc: freebsd-security@freebsd.org Subject: Re: ISSalert: ISS Security Alert: WU-FTPD Heap Corruption Vulnerability (fwd) Message-ID: <20011130111138.7a26b526.kzaraska@student.uci.agh.edu.pl> In-Reply-To: <20011130095138.F55193-100000@gwdu60.gwdg.de> References: <20011130095138.F55193-100000@gwdu60.gwdg.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 30 Nov 2001 09:53:13 +0100 (CET) Konrad Heuer wrote:
> Any opinions whether wu-ftpd on FreeBSD is vulnerable too? To my mind,
it
> seems so.
The advisory by Dave Ahmad/Securityfocus.com (see BUGTRAQ archives) says
that you can check if you are vulnerable by logging into FTP server and
doing
ftp> ls ~{
if this segfaults, you are vulnerable.
I don't have any machine running wu-ftpd at hand, unfortunately.
The diffs from Red Hat patch were already published on this list.
Regards,
Krzysztof
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011130111138.7a26b526.kzaraska>