similar to: Bug#570207: logcheck wu-ftpd rules do'nt match

--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: Security problems in WU-FTPD Advisory ID: RHSA-1999:043-01 Issue date: 1999-10-21 Updated on: Keywords: wu-ftp security remote exploit Cross references: --------------------------------------------------------------------- 1. Topic: Various computer security groups have

---------- Forwarded message ---------- Date: Fri, 22 Oct 1999 20:30:27 -0700 (PDT) From: David Cantrell <david@slackware.com> To: slackware-security@slackware.com Subject: CA-99-13: wu-ftpd upgrade available ATTENTION: All users of Slackware 4.0 and Slackware-current REGARDING: CERT Advisory CA-99-13 Multiple Vulnerabilities in WU-FTPD The recent CERT advisory reporting multiple

Hi! I'm kind new to linux, I just got my server with CentOS 3.1 installed I'm trying to install a ftp server to upload files, but the wu-ftpd 2.6.2 doesn't work with autoconfigure nor with ./build lnx ./build install got error missing bin/ftpd can you tell me step by step howto install o should I user another ftp server... thanks for your help Fernando

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ Caldera Systems, Inc. Security Advisory Subject: wu-ftpd vulnerability Advisory number: CSSA-2000-020.0 Issue date: 2000 June, 23 Cross reference: ______________________________________________________________________________ 1. Problem Description There is

Package: logcheck-database Version: 1.2.61 Severity: wishlist File: /etc/logcheck/ignore.d.server/proftpd Two weeks ago, I got a rush of these: Sep 8 12:37:07 goretex proftpd: PAM-listfile: Refused user news for service proftpd (Apparently, fail2ban managed to miss those.) This is triggered by pam_listfile, which is used by proftpd (and other FTP daemons) to block users listed in

Package: logcheck-database Version: 1.2.69 Severity: normal Tags: patch kernel log lines of the form: ...kernel: [1933150.816604] TCP: Treason uncloaked! Peer 0000:0000:0000:0000:0000:ffff:d04e:3f6b:4038/80 shrinks window 2491430013:2491430014. Repaired. are not caught by the current rules. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500,

Hello, I see in BugTraq that there's yet another problem with Wu-ftpd, but I see no mention of it in the freebsd-security mailing list archives...I have searched the indexes from all of June and July. Wu is pretty widely used, so I'm surprised that nobody seems to have mentioned this problem in this forum. The notice on BugTraq mentioned only Linux, not FreeBSD, but that's no

class local real,guest,anonymous xxx.xxx.xxx.xxx class intern real,guest,anonymous xxx.xxx.xxx.xxx class extern anonymous * #fake passwd :) # noretrieve /etc/passwd # noretrieve /etc/shaddow deny 194.102.92.* /etc/mesaj/denymsg deny 193.230.84.64 /etc/mesaj/msg.local deny 192.162.1.1 /etc/mesaj/msg.local limit local 0 Any /etc/mesaj/msg.local limit intern

I have tried to configure an ftp server on one of my machines, I want to all authenticated users to be able to upload files to the apache web root /var/www/html. This machine is behind a firewall/router and will not be exposed to the outside world. I want to know if someone can point me to a good tutorial on setting up one of these servers, I have read the man pages and googled for possible

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08:12.ftpd Security Advisory The FreeBSD Project Topic: Cross-site request forgery in ftpd(8) Category: core Module: ftpd Announced:

Package: logcheck Version: 1.2.34 Severity: normal the patterns for pure-ftpd in ignore.d.server are not matching a user with a trailing whitespace. here a some examples: Feb 18 13:02:33 web1 pure-ftpd: (stupid-pure-ftpd @84.56.131.73) [NOTICE] /example/example.txt downloaded (5908 bytes, 152196.03KB/sec) Feb 18 13:16:14 web1 pure-ftpd: (stupid-pure-ftpd @84.56.131.73) [INFO] Logout. every

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-99:03 Security Advisory FreeBSD, Inc. Topic: Three ftp daemons in ports vulnerable to attack. Category: ports Module: wu-ftpd and proftpd

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:33 Security Advisory FreeBSD, Inc. Topic: globbing vulnerability in ftpd Category: core Module: ftpd/libc Announced: 2001-04-17 Credits:

You could use ktrace(1) to determine what the ftpd daemon is actually doing. rh> Is the user's shell listed in /etc/shells? It must be there for ftpd to rh> let them in. vt> I run FreeBSD 4.3-STABLE machine. I use ftpd for ftp server daemon. It has vt> very strange behavior with one of user accounts on my machine. Every one user

Hi, anyone successfully compiled http://download.pureftpd.org/pub/pure-ftpd/snapshots/pure-ftpd-1.0.22.tar.bz2 Thanks, David

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-99:03 Security Advisory FreeBSD, Inc. Topic: Two ftp daemons in ports vulnerable to attack. Category: ports Module: wu-ftpd and proftpd

I did try that, but had difficulties in compiling it from source-- it's not in the yum repositories (either CentOS or Dag Wieers). -- Jay Chandler Network Administrator, Chapman University 714.628.7249 / chandler at chapman.edu Ethernet, n. What one uses to catch the Etherbunny. -----Original Message----- From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On Behalf Of

Greetings all, I'm needing to set up a new ftp server which will primarily be a public server (i.e. "anonymous" logins). I'll also need to set up some "group" logins for controlled "incoming" access (doesn't _have_ to be on the same sever). Aside: I can't see a (mini-)HOWTO on public ftp server setup - is there really not one? Given the recent

Ran into a weird problem, and this seemed a good forum to toss it out into -- if I've gaffed, please let me know. Just upgraded my RH5.0 box to RH5.2. Went well, worked nearly seamlessly. When running 5.0, though, I'd installed the opie-fied ftpd that comes with the most recent opie package (ftp://ftp.inner.net/pub/opie/opie-2.32.tar.gz) and had it work without a hitch. I'd also

I would like to start a discussion centred around the various ways one might serve up configuration files from an Asterisk server (I know, it's better to use a secondary server for all this, but let's talk about a smaller system). The types of things being served would include: - Logo image for sets that support that - XML directory files - XML or raw text configuration files -