[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability
From: Mark Lowes <hamster@xxxxxxxxxxx>
Date: Mon, 29 Sep 2003 10:18:50 +0100

On Sat, 2003-09-27 at 13:23, Jedi/Sector One wrote:
>   Forget the previous mail, I've messed up different versions.
>   1.2.6 is ok, sorry.

As far as we're aware the faulty code was introduced in 1.2.7rc1 so to
the best of our knowledge code earlier than that is not vulnerable (if
anyone has other information please email security@xxxxxxxxxxx and we'll
be on it).

    Mark

-- 
Mark Lowes <hamster@xxxxxxxxxxx>
http://www.proftpd.org/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability
  - From: Mandrake Linux Security Team
- Re: [Full-Disclosure] MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability
  - From: Jedi/Sector One
- Re: [Full-Disclosure] MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability
  - From: Jedi/Sector One

Prev by Date: Re: [inbox] Re: [Full-Disclosure] CyberInsecurity: The cost of Monopoly
Next by Date: [Full-Disclosure] Shattering SEH III
Previous by thread: Re: [Full-Disclosure] MDKSA-2003:095 - Updated proftpd packages fix remote root vulnerability
Next by thread: [Full-Disclosure] UnixWare 7.1.3 UnixWare 7.1.1 Open UNIX 8.0.0 : Network device drivers reuse old frame buffer data to pad packets
Index(es):
- Date
- Thread