[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability

To: Mandrake Linux Security Team <security@xxxxxxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability
From: Jedi/Sector One <j@xxxxxxxxxxxx>
Date: Sat, 27 Sep 2003 12:24:47 +0159

On Fri, Sep 26, 2003 at 10:50:02PM -0000, Mandrake Linux Security Team wrote:
> The problematic code first appeared in ProFTPD 1.2.7rc1, and
>  the provided packages are all patched by the ProFTPD team to protect
>  against this vulnerability.

  Uh?

  The bug can at least be triggered on version 1.2.6 as well.

-- 
                       Let internet explore your host
                    http://www.pivx.com/larholm/unpatched/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability
  - From: Jedi/Sector One

References:
- [Full-Disclosure] MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability
  - From: Mandrake Linux Security Team

Prev by Date: Re: [Full-Disclosure] CyberInsecurity: The cost of Monopoly
Next by Date: Re: [Full-Disclosure] RE: Probable new MS DCOM RPC worm for Windows
Previous by thread: [Full-Disclosure] MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability
Next by thread: Re: [Full-Disclosure] MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability
Index(es):
- Date
- Thread