Bugtraq mailing list archives

Re: [proftpd-l] root compromise ? (fwd)

From: dirk () STAF PLANETINTERNET BE (Dirk Moerenhout)
Date: Sun, 14 Feb 1999 00:55:28 +0100


Proftpd 1.2.0pre1 is not patched. If it is, then it is very weird that
there is a patch on the ftp-site for this problem.

1.2.0pre1 is probably partially patched already and the patch on the
ftp-site is not made against the currently up 1.2.0pre1. Cause if you
patch it you will get rejects.

You should handcode the rejects in to have the result the patch aims at.

As most hunks of the patch are applied successfully it is very unlikely
that the result intended with the patch is already implemented in
1.2.0pre1. So I'd consider it unpatched ...

Dirk Moerenhout

On Fri, 12 Feb 1999, Joe Schmo wrote:

I believe the current proftpd...1.2.0pre1 is patched already


----
Michael Jarmark
Head System Administrator
Mydesktop Network
http://www.mydesktop.com

Current thread:

Re: [proftpd-l] root compromise ? (fwd) Rodrigo Campos (Feb 09)
- Re: [proftpd-l] root compromise ? (fwd) Joe Schmo (Feb 12)
  - Re: [proftpd-l] root compromise ? (fwd) monk (Feb 13)
  - Re: [proftpd-l] root compromise ? (fwd) Dirk Moerenhout (Feb 13)
    - Possible Netscape Crypto Security Flaw Haze (Feb 14)
    - Re: Possible Netscape Crypto Security Flaw Pete Krawczyk (Feb 16)
    - snap utility for AIX. Larry W. Cashdollar (Feb 17)
    - Re: snap utility for AIX. Brian Hauber (Feb 18)
    - mSQL vulnerability. Christofer C. Bell (Feb 17)
    - OT: Copyright on Security advisories Aviram Jenik (Feb 18)
    - Re: OT: Copyright on Security advisories Doug Granzow (Feb 19)
    - Re: mSQL vulnerability. John W. Temples (Feb 18)
    - Debian GNU/Linux 2.0r5 released (fwd) Jamie Fifield (Feb 17)
    - Regarding passwords in registry keys. Ash (Feb 19)

(Thread continues...)