Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

[SECURITY] ftpwatch package has major security problems

From: fifield () CS DAL CA (Jamie Fifield)
Date: Sun, 17 Jan 1999 11:48:22 -0400

-----BEGIN PGP SIGNED MESSAGE-----

We have found that the ftpwatch package as distributed in Debian
GNU/Linux 1.3 and later distributions has a security problem which makes
it trivial for users to gain root access.

We recommend that you remove the ftpwatch package immediately.

We will be working on a new version of ftpwatch to address these issues and
will announce that in a new advisory.

- --
Debian GNU/Linux      .   Security Managers      .   security () debian org
              debian-security-announce () lists debian org
  Christian Hudon     .     Wichert Akkerman     .     Martin Schulze
<chrish () debian org>   .   <wakkerma () debian org>  .   <joey () debian org>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQB1AwUBNqHg66jZR/ntlUftAQGzgQL8DNAvGsGP3T3oMOuEBlJ2Tu3XkoE8x88e
olp7AML4hjCna/y14uoa+nUsekcZR4uaDoz3pPI+gir4YwA0FP9siwNafTC1Hjj6
nh+5/l0tIjko01xEzr4d9glLG4ygKOJD
=bm2E
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-security-announce-request () lists debian org
with a subject of "unsubscribe". Trouble? Contact listmaster () lists debian org
Previous By Date Next
Previous By Thread Next

Current thread: