remotely exploitable vulnerability in lukemftpd / tnftpd
Jacques A. Vidrine
nectar at FreeBSD.org
Tue Aug 17 14:16:48 PDT 2004
On Tue, Aug 17, 2004 at 05:14:16PM -0400, Chuck Swiger wrote:
> Jacques A. Vidrine wrote:
> [ ... ]
> >Even in FreeBSD 4.7, lukemftpd was installed but not enabled.
> >
> >More details will be available in a FreeBSD advisory to follow.
>
> Hi, Jacques--
>
> Is this related to NetBSD Security Advisory 2004-009, at:
> ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-009.txt.asc?
Yes, same issue.
> More importantly, is FreeBSD's stock ftpd also affected, or just lukemftpd?
Just lukemftpd. Przemyslaw's advisory has more details.
http://lists.netsys.com/pipermail/full-disclosure/2004-August/025418.html
Cheers,
--
Jacques Vidrine / nectar at celabo.org / jvidrine at verio.net / nectar at freebsd.org
More information about the freebsd-security
mailing list