Re: Serv-U FTP Exploit?

[kevlar () SMARTLINK NET (Kevlar)]

One of the orinigal versions had just such an expliot. But that was fixed a
long time ago, when the serv-u program was pretty new. The newest release
is secure as far as I can tell.


At 05:31 PM 4/29/98 -0500, Chris Kline wrote:
> I've heard a few rumors about an exploit found in Serv-U FTP that supposedly
> compromised all security and gave you full access to the servers hard drive,
> including execution permissions.  Because of this I've been warned not to use
> it, but no matter how much I search for an exploit, I can't seem to find it.
> So can anyone confirm this exploit and show how it's done and what to do to
> protect against it?
-Kevlar
<Kevlar () smartlink net>

My motto: Be good, Or be good at it.

Oh, I'm sorry... Was I not suposed to EXPORT STRONG CRYPTO?
print pack"C*",split/\D+/,`echo
"16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|
dc`

Beat your algorithms into swords and your virtual machines into spears...
Let the weak say, "I am strong".