Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Link to Us
Linux Jobs

More on LinuxToday

Vulnerabilities exist in wu-ftpd, BeroFTPD and ProFTPd

Aug 29, 1999, 13:34 (1 Talkback[s])
(Other stories by Dave Whitinger)

BUGTRAQ is alive with exploits and vendor announcements about these vulnerabilities.

Alex Yu (for wu-ftpd) wrote in a recent message that wu-ftpd-2.4.2-beta-18-vr4 through wu-ftpd-2.4.2-beta-18-vr15, wu-ftpd-2.4.2-vr16 and wu-ftpd-2.4.2-vr17, and wu-ftpd-2.5.0 are known to be vulnerable.

BeroFTPD, all present versions.

Additionally, an exploit has been posted for ProFTPD.

Vendor packages should be released soon. In the meantime, you may consider disabling your ftp daemon for now, by commenting out the line in /etc/inetd.conf, and restarting inetd with 'killall -HUP inetd'.