Date: Thu, 31 Jul 2003 14:18:25 -0400 From: Lucas Holt <luke@foolishgames.com> To: freebsd-questions@freebsd.org Subject: WU FTPD Message-ID: <6041B5F2-C383-11D7-A62F-0030656DD690@foolishgames.com>
next in thread | raw e-mail | index | archive | help
There was a vulnerability released today in wu ftpd and I'm unclear if this would affect the software running on a freebsd system. It appears to cause problems on linux 2.4.x kernels but not older kernels due to the way the compiler works. Does anyone know if this problem is exploitable on freebsd? If not, where should I ask this question? Here's the header included in the advisory with links. Synopsis: wu-ftpd fb_realpath() off-by-one bug Product: wu-ftpd Version: 2.5.0 <= 2.6.2 Vendor: http://www.wuftpd.org/ URL: http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0466 Author: Wojciech Purczynski <cliph@isec.pl> Janusz Niewiadomski <funkysh@isec.pl> Date: July 31, 2003 Lucas Holt Luke@FoolishGames.com ________________________________________________________ FoolishGames.com (Jewel Fan Site) JustJournal.com (Free blogging) "Only two things are infinite, the universe and human stupidity, and I'm not sure about the former." - Albert Einstein (1879-1955)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6041B5F2-C383-11D7-A62F-0030656DD690>