---

Vulnerabilities exist in wu-ftpd, BeroFTPD and ProFTPd

BUGTRAQ is alive with exploits and vendor announcements about
these vulnerabilities.

Alex Yu (for wu-ftpd) wrote in a
recent message
that wu-ftpd-2.4.2-beta-18-vr4 through
wu-ftpd-2.4.2-beta-18-vr15, wu-ftpd-2.4.2-vr16 and
wu-ftpd-2.4.2-vr17, and wu-ftpd-2.5.0 are known to be
vulnerable.

BeroFTPD, all present versions.

Additionally, an exploit
has been posted
for ProFTPD.

Vendor packages should be released soon. In the meantime, you
may consider disabling your ftp daemon for now, by commenting out
the line in /etc/inetd.conf, and restarting inetd with ‘killall
-HUP inetd’.