dcsimg
Linux Today: Linux News On Internet Time.




More on LinuxToday


The Register: OpenBSD exploit gets serious

Dec 20, 2000, 18:00 (19 Talkback[s])
(Other stories by John Leyden)

WEBINAR:
On-Demand

Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers


"An esoteric buffer overflow bug in OpenBSD has been upgraded in importance after it was discovered that, in certain conditions, it could allow a cracker to gain remote access to a server."

"Users are recommended to apply a patch to fix the one-byte buffer overflow vulnerability present in an OpenBSD service called ftpd(8). The issue particularly affects non-anonymous FTP (File Transfer Protocol) servers, and administrators of these services are also been encouraged to use more secure transport mechanisms."

"For a system to be vulnerable, ftpd must have been enabled by the administrator because by default OpenBSD ships with the service turned off - though it is a frequently used service."

Complete Story

Related Stories: