Re: ISSalert: ISS Security Alert: WU-FTPD Heap Corruption Vulnerability (fwd)
From: Krzysztof Zaraska (kzaraska@student.uci.agh.edu.pl)
Date: 11/30/01
- Next message: Fernanda: "Sites feitos para gerar negócios"
- Previous message: Erick Mechler: "Re: sshd exploit"
- In reply to: Konrad Heuer: "ISSalert: ISS Security Alert: WU-FTPD Heap Corruption Vulnerability (fwd)"
- Next in thread: Jason Hunt: "Re: ISSalert: ISS Security Alert: WU-FTPD Heap Corruption Vulnerability (fwd)"
- Reply: Jason Hunt: "Re: ISSalert: ISS Security Alert: WU-FTPD Heap Corruption Vulnerability (fwd)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 30 Nov 2001 11:11:38 +0100 From: Krzysztof Zaraska <kzaraska@student.uci.agh.edu.pl> To: "Konrad Heuer" <kheuer@gwdu60.gwdg.de>
On Fri, 30 Nov 2001 09:53:13 +0100 (CET) Konrad Heuer wrote:
> Any opinions whether wu-ftpd on FreeBSD is vulnerable too? To my mind,
it
> seems so.
The advisory by Dave Ahmad/Securityfocus.com (see BUGTRAQ archives) says
that you can check if you are vulnerable by logging into FTP server and
doing
ftp> ls ~{
if this segfaults, you are vulnerable.
I don't have any machine running wu-ftpd at hand, unfortunately.
The diffs from Red Hat patch were already published on this list.
Regards,
Krzysztof
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Next message: Fernanda: "Sites feitos para gerar negócios"
- Previous message: Erick Mechler: "Re: sshd exploit"
- In reply to: Konrad Heuer: "ISSalert: ISS Security Alert: WU-FTPD Heap Corruption Vulnerability (fwd)"
- Next in thread: Jason Hunt: "Re: ISSalert: ISS Security Alert: WU-FTPD Heap Corruption Vulnerability (fwd)"
- Reply: Jason Hunt: "Re: ISSalert: ISS Security Alert: WU-FTPD Heap Corruption Vulnerability (fwd)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
