[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] SDI remote ProFTPD exploit

Brian,

Thanks.  I'm trying to track it down as well.

~ Theo

Brian Foy Jr wrote:

> Your right. In the end getting the information out there (and that includes the
> actual exploits so we can test our servers) is the only way to help us figure out
> how vaunerable we are, and how hard we have to push for a fix.
>
> I'm off to look up the exploit at:  www.securityfocus.com
> They do a pretty good job of documenting this type of thing
> and often have sugestions on how to fix it.
>
> Brian
>
> Theodore Jones wrote:
>
> > Well,
> >
> > If the hackers saw the last messages and indeed are monitoring this list, they
> > already know about it I would guess.  I probably could have done a search to
> > track this report down, but I'll admit to being slogged with "issues" all day
> > and was looking for a lazy alternative....
> >
> > I appreciate your concern, but the "security by obscurity" issue has been
> > thrashed out before in this forum.  I say let the information flow, block the
> > holes when we find out about them, and let everyone here know loud and clear....
> >
> > My humble opinion only,
> >
> > ~ Theo
> >
> > Mark Baker - Cobalt Lists wrote:
> >
> > > Is that a good idea? This list is watched by hackers.
> > >
> > > Regards,
> > >
> > > Mark Baker
> > > Dark Marketing Ltd
> > > http://www.yoursitehere.co.uk
> > >
> > > Reply e-mail: mark@xxxxxxxxxxxxxxxxxx
> > > ----- Original Message -----
> > > From: Theodore Jones <theoj@xxxxxxxxxxxxx>
> > > To: <cobalt-security@xxxxxxxxxxxxxxx>
> > > Sent: Wednesday, September 27, 2000 7:44 PM
> > > Subject: Re: [cobalt-security] SDI remote ProFTPD exploit
> > >
> > > > Can you send out a link to the report on this exploit possibly?
> > > >
> > > > ~ Theo
> > > >
> > > > Audric Leperdi wrote:
> > > >
> > > > > SDI remote ProFTPD exploit (Sept2K)
> > > > >
> > > > > Does the latest patch fix this exploit now publicly & widely available??
> > > > >
> > > > > Audric Leperdi
> > > > > evolutiva s.r.l. - Via Varallo, 30 - 10153 Torino (TO) - Italy
> > > > > Tel. +39.011.8121617 - Fax +39.011.8121614 - http://www.evolutiva.com
> > > > > _____________________________________________________________________
> > > > >
> > > > > Il contenuto di questo messaggio è confidenziale e la lettura o la
> > > > > divulgazione non autorizzata dello stesso viola i diritti di privacy del
> > > > > mittente e del desinatario.
> > > > > Se avete ricevuto questo messaggio per errore siete pregati di
> > > distruggerlo
> > > > > e di avvertire il mittente.
> > > > >
> > > > > This message is confidential and unauthorised reading or disclosing of
> > > it
> > > > > infringes privacy rights of sender and recipent.
> > > > > If you are not the intended recipient of this message, please destroy it
> > > and
> > > > > inform the sender.
> > > > > Tel 011 8121617 - Fax 011 8121614
> > > > >
> > > > > _______________________________________________
> > > > > cobalt-security mailing list
> > > > > cobalt-security@xxxxxxxxxxxxxxx
> > > > > http://list.cobalt.com/mailman/listinfo/cobalt-security
> > > >
> > > > _______________________________________________
> > > > cobalt-security mailing list
> > > > cobalt-security@xxxxxxxxxxxxxxx
> > > > http://list.cobalt.com/mailman/listinfo/cobalt-security
> > >
> > > _______________________________________________
> > > cobalt-security mailing list
> > > cobalt-security@xxxxxxxxxxxxxxx
> > > http://list.cobalt.com/mailman/listinfo/cobalt-security
> >
> > _______________________________________________
> > cobalt-security mailing list
> > cobalt-security@xxxxxxxxxxxxxxx
> > http://list.cobalt.com/mailman/listinfo/cobalt-security
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security