From owner-freebsd-questions  Tue Feb 16 10: 5:47 1999
Received: from cm110108.cableco-op.com (cm110108.cableco-op.com [206.24.110.108])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA16758
          for <freebsd-questions@freebsd.org>; Tue, 16 Feb 1999 10:05:42 -0800 (PST)
          (envelope-from jwg@netbox.com)
Received: from localhost (jwg@localhost)
	by cm110108.cableco-op.com (8.8.8/8.8.8) with SMTP id KAA19503
	for <freebsd-questions@freebsd.org>; Tue, 16 Feb 1999 10:06:15 -0800 (PST)
	(envelope-from jwg@netbox.com)
X-Authentication-Warning: cm110108.cableco-op.com: jwg owned process doing -bs
Date: Tue, 16 Feb 1999 10:06:15 -0800 (PST)
From: Jeff Gray <jwg@netbox.com>
X-Sender: jwg@cm110108.cableco-op.com
To: Questions at FreeBSD <freebsd-questions@freebsd.org>
Subject: ftp vulnerability
Message-ID: <Pine.BSF.3.96.990216095711.18417A-100000@cm110108.cableco-op.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Running 2.2.6, standard install. This includes the ftp server, 
FTP server (Version 6.00)

The recent CERT advisory on the vulnurability of certain ftp servers is
unclear, at least to me, on whether FreeBSD is effected and if so which
ftp servers are effected.  Their explanation is based on the OS.

I posted to security about wu-ftp.  Is there a security issue with Version
6.00?

BTW the CERT advisory can be found at
www.cert.org/advisories/CA-03-99-Buffer-Overflows.html

Jeff



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message