Displaying 7 results from an estimated 7 matches for "wuftpd".
Did you mean:
wsftpd
1999 Sep 15
0
FreeBSD Security Advisory: FreeBSD-SA-99:03.ftpd REISSUED
...rts vulnerable to attack.
Category: ports
Module: wu-ftpd and proftpd
Announced: 1999-09-05
Reissued: 1999-09-15
Affects: FreeBSD 3.2 (and earlier)
FreeBSD-current and -stable before the correction date.
Corrected: FreeBSD-3.3 RELEASE
FreeBSD as of 1999/08/30 for wuftpd only
(Note: there is only one ports tree which is shared with
all FreeBSD branches, so if you are running a -stable
version of FreeBSD you will also be impacted.)
FreeBSD only: NO
Bugtraq Id: proftpd: 612
Patches: NONE
I. Background
wuftpd, beroftpd and proftpd are all opt...
1999 Sep 07
0
FreeBSD Security Advisory: FreeBSD-SA-99:03.ftpd
...y: ports
Module: wu-ftpd and proftpd
Announced: 1999-09-05
Affects: FreeBSD 3.2 (and earlier)
FreeBSD-current before the correction date.
Corrected: FreeBSD-3.3 RELEASE
FreeBSD-current as of 1999/08/30
FreeBSD only: NO
Patches: NONE
I. Background
wuftpd and proftpd have a flaw which can lead to a remote root
compromise. They are both vulnerable since they are both based on a
code base that is vulnerable.
II. Problem Description
Remote users can gain root via a buffer overflow.
III. Impact
Remote users can gain root.
IV. Workaround
Disable...
1999 Oct 23
0
[slackware-security] CA-99-13: wu-ftpd upgrade available (fwd)
...and Slackware-current
REGARDING: CERT Advisory CA-99-13 Multiple Vulnerabilities in WU-FTPD
The recent CERT advisory reporting multiple vulnerabilities in WU-FTPD
affects Slackware-current and Slackware-4.0. Here is the advisory that
CERT released:
http://www.cert.org/advisories/CA-99-13-wuftpd.html
An upgraded tcpip1.tgz package is available for both Slackware 4.0 and
Slackware-current in their respective directories on ftp.cdrom.com:
For Slackware-current:
ftp://ftp.cdrom.com/pub/linux/slackware-current/slakware/n6/tcpip1.tgz
For Slackware-4.0:
ftp://ftp.cdrom.com/pub/lin...
1999 Oct 24
0
[slackware-security] CA-99-13: minimal fix for Slackware 3.5 through 4.0 (fwd)
...cent CERT advisory about WU-FTPD:
An alternative minimal fix is available for Slackware versions 3.5,
3.6, 3.9, and 4.0. Users can download this and run "installpkg" on
it to upgrade the FTP server.
You can obtain the pacakge from:
ftp://ftp.cdrom.com/pub/linux/slackware-4.0/patches/wuftpd.tgz
David Cantrell | david@slackware.com
2000 Jun 21
1
Warning regarding new kernel RPMs
...8:29:51 -0400
Message-Id: <200006232229.SAA10608@lacrosse.corp.redhat.com>
Subject: [RHSA-2000:039-02] remote root exploit (SITE EXEC) fixed
Content-transfer-encoding: 8bit
Approved: ewt@redhat.com
To: redhat-watch-list@redhat.com, linux-security@redhat.com,
bugtraq@securityfocus.com, wuftpd-questions@wu-ftpd.org,
wu-ftpd@mail.wustl.edu
From: bugzilla@redhat.com
Cc:
Content-type: text/plain; charset="iso-8859-1"
Mime-version: 1.0
Date: Fri, 23 Jun 2000 18:29 -0400
---------------------------------------------------------------------
Red Hat, Inc....
2001 May 24
1
chroot sftp-server [PATCH]
I'm working on setting up a semi-trusted sftp service, and to get it
working, I need chroot capability.
I've taken the /./ wuftpd magic token code from contrib/chroot.diff and
put it into the sftp server. The main problem is that privileges have
been dropped by the time the subsystem is exec'ed, so my patch requires
that sftp-server be setuid root. Not ideal, I know, but I drop all
privileges immediately after chroot'...
1998 Dec 03
2
interactions between OPIE-ftpd and RH5.2
...o ftpd[23527]: connection from localhost at Thu Dec 3 11:36:41 1998
# Dec 3 11:36:42 foo ftpd[23527]: Invalid FTP user name adam attempted from localhost.
Naturally, the username "adam" is a valid one, and I can successfully ftp
in using that userid and a static password via the stock wuftpd that RedHat
sees fit to ship.
Anonymous ftp via the opie-ftpd works just fine.
# Dec 3 11:41:06 foo ftpd[23536]: Anonymous FTP connection made from host localhost.
# Dec 3 11:41:09 foo ftpd[23536]: ANONYMOUS FTP login from localhost with ID foo@bar.org
So my question is this: since the opie f...