[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] ProFTPd (latest from cobalt) is vulunerable.
- Subject: [cobalt-security] ProFTPd (latest from cobalt) is vulunerable.
- From: shimi <shimi@xxxxxxxxxxxxxxxx>
- Date: Fri, 9 Mar 2001 07:33:31 -0800 (PST)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
A minor security vulnerability was discovered in proftpd-1.2.0-final
involving
group-expressions inside of <Limit> contexts. This issue may result in
the
{Allow,Deny}Group directives not working correctly. The issue affects
1.2.0,
1.2.0 RPMs and CVS earlier than Feb 28, 2001.
Version 1.2.1 has been released, and contains a fix for the issue, as well
as
some other minor bug fixes. 1.2.1 does not contain any feature
Someone from Cobalt, please read:
http://www.proftpd.org/proftpd-announce-archive/01-03/msg00000.html
I think a .pkg should go out.
Best regards,
shimi [mailto:shimi@xxxxxxxxxxxxxxxx]
----
There are two major products that come out of Berkeley: LSD and BSD.
We don't believe this to be a coincidence.
-- Jeremy S. Anderson
Windows: "Where do you want to go today?"
Linux: "Where do you want to go tomorrow?"
BSD: "Are you guys coming or what?"