[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

wuftp 2.6

To: ilugc@xxxxxxxxxxxxxxxxxx
Subject: wuftp 2.6
From: swaraj <swaraj19@xxxxxxxxx>
Date: Fri, 30 Jun 2000 21:15:41 +0530
Reply-to: ilugc@xxxxxxxxxxxxxxxxxx
Sender: jag@xxxxxxxxxxxxxxx
Sender: ilugc-bounce@xxxxxxxxxxxxxxxxxx

hi

any one running wuftp 2.6
the respective vendor vulnerable os are
redhat 6.1 6.2 (as usual) including Zope
slackware 7.0
suse 6.3
mandrake 7.0
caldera
and the fun is debian is not hehe coz it runs openbsd ftp :)
the best fix would be remove yur wuftp and compile the openbsd ftp its
neat and secure
the exploit is a buffer overflow and will give remote root so it is very
serious
the immediate fix is remove anonymous login
the attacker can  get root if the box accepts anonymous thats scary !


swaraj

debian rulezzzzzzz  :)



---
Visit our home page at: www.chennailug.org
Send e-mail to 'ilugc-request@xxxxxxxxxxxxxxxxxx' with 'unsubscribe' 
in either the subject or the body to unsubscribe from this list.

Prev by Subject: When is the next meet???
Next by Subject: XF 4.0 Binaries
Previous by thread: Visit of PC Quest Editor
Next by thread: [SECURITY-Debian] New verion of dhcp released
Index(es):
- Subject
- Thread