Date: Fri, 10 Sep 1999 22:18:30 -0600 From: Warner Losh <imp@village.org> To: Michael Grommet <mgrommet@isiar.net> Cc: "'freebsd-security@freebsd.org'" <freebsd-security@FreeBSD.ORG> Subject: Re: Concerning Latest FTPD exploit: FreeBSD Security Advisory: FreeBS D-SA-99:03.ftpd Message-ID: <199909110418.WAA12288@harmony.village.org> In-Reply-To: Your message of "Thu, 09 Sep 1999 08:20:46 CDT." <7011ACE3864AD31183E50008C7FA081F01D4C2@ISIMAIN> References: <7011ACE3864AD31183E50008C7FA081F01D4C2@ISIMAIN>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- In message <7011ACE3864AD31183E50008C7FA081F01D4C2@ISIMAIN> Michael Grommet writes: : Am I correct in my assumtion that this is _not_ exploitable on the standard : ftpd that installs : with freebsd 2.2.8 - 3.2 - Stable? No. You are not correct to assume that. As far as I know, both of the FTP servers are exploitable, for different reasons. Wu-ftpd is exploitable back to the dawn of time, if I read the commentary about wu-ftpd right. Warner -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: noconv Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface iQCVAwUBN9nYFdxynu/2qPVhAQGOdgP8DuGSKHQAdypnP8IAq4uA3abAG+LeqnvP sS+VjtS49YicY3cIS/1seafX3GnRCzx641ZOaWJIQHS3JCrg0X4smvArCpw+NAHt +NzEqVi4IFkyMlcNsVr1HKZuPr3w4qRRX+qPGfuxjOwLOBTlJ1EpAwxzsuPMZV5k PpO6bcLG8M0= =vRmm -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199909110418.WAA12288>