[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Latest wu-ftpd exploit :-s

To: <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: Re: Latest wu-ftpd exploit :-s
From: "Ragnar Paulson" <ragnar@xxxxxxxxxxx>
Date: Tue, 14 Feb 2006 11:48:47 -0500

----- Original Message ----- 
From: "Mark Heiligen" <mark.heiligen@xxxxxx>
To: <bugtraq@xxxxxxxxxxxxxxxxx>; <full-disclosure@xxxxxxxxxxxxxxxxx>
Sent: Monday, February 13, 2006 3:41 AM
Subject: Latest wu-ftpd exploit :-s

> http://www.frsirt.com/exploits/08.11.0x82-wu262-advanced.c.php
> 

Isn't this a three year old exploit?  Is this news?   CVE-2003-0466.

Upgrades for wu-ftpd have been available from the various vendors for just as 
long.

FWIW, I compiled and ran this against an old wu-ftpd server here and found it 
was not exploitable.

Ragnar Paulson
The Software Group Limited

References:
- Latest wu-ftpd exploit :-s
  - From: Mark Heiligen

Prev by Date: Re: Invision Power Board Army System Mod <= 2.1 SQL Injection Exploit
Next by Date: Digital Armaments Security Advisory 02.14.2006: Gallery web-based photo gallery remote file execution
Previous by thread: Re: Latest wu-ftpd exploit :-s
Next by thread: Bypass Fortinet anti-virus using FTP
Index(es):
- Date
- Thread