[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Re: [SECURITY] [DSA 447-1] New hsftp packages fix format string vulnerability

To: full-disclosure@lists.netsys.com
Subject: [Full-Disclosure] Re: [SECURITY] [DSA 447-1] New hsftp packages fix format string vulnerability
From: Ulf Härnhammar <Ulf.Harnhammar.9485@student.uu.se>
Date: Mon, 23 Feb 2004 22:28:46 +0100

If you use hsftp on some other system than Debian, you'll be interested in the
fact that this has been corrected in upstream's recently released version 1.14.

Another way to correct this is to apply my attached patch (diff'ed against
version 1.13).

-- 
Ulf Härnhammar
 student, Uppsala universitet
 redaktör, idiosynkratisk ( http://labben.abm.uu.se/~ulha9485/idiosynkratisk/ )

Attachment: hsftp.patch
Description: Binary data

Prev by Date: RE: [Full-Disclosure] ASN.1 telephony critical infrastructure warning - VOIP
Next by Date: [Full-Disclosure] International Convention on Cybercrime
Previous by thread: [Full-Disclosure] International Convention on Cybercrime
Next by thread: [Full-Disclosure] STG Security Advisory: [SSA-20040217-06] Apache for cygwin directory traversal vulnerability
Index(es):
- Date
- Thread