[cobalt-security] Hacked by SDI linux remote exploit for ProFTP
- Subject: [cobalt-security] Hacked by SDI linux remote exploit for ProFTP
- From: Barbara - <thebizworkers@xxxxxxxxx>
- Date: Sat, 29 Sep 2001 04:04:36 -0700 (PDT)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
>Although I have all the security patches in place,
>including the 'Security: proftpd Update 1.0.1'
>they got in using 'SDI linux remote exploit
>for ProFTP'
Just out of curiosity, don't you need to be running
anonymous ftp for this exploit to work? I just checked
Security Focus and it says "SDI anonymous remote
exploit for proftpd". From what I can gather, it says
they first need "permission to download a file (like
welcome.msg or README)." Not that this isn't a serious
issue, but if anonymous FTP isn't turned on, I don't
think it would be so easy to exploit (unless of course
a user decides to try). Please correct me if I'm
wrong.
http://www.securityfocus.com/cgi-bin/archive.pl?id=1&mid=27450
Barbara
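
The precondition asked about above, whether anonymous FTP is enabled at all, can be checked directly against the server's ProFTPD configuration. The following is an added example, not part of the original message or of any Cobalt or ProFTPD tooling: it lists every active `<Anonymous>` section in a configuration text, the enclosing sections, and any `UserAlias` login names. The function name and the sample configuration are constructed for illustration, and files pulled in through `Include` are not followed.

```python
import re

# Constructed sample proftpd.conf text (not taken from any real host).
SAMPLE_CONF = """\
ServerName "example"
DefaultRoot ~
<Global>
  MaxClients 10
</Global>
# <Anonymous ~ftp>   (commented out, must be ignored)
<VirtualHost 192.0.2.10>
  <Anonymous /home/sites/site1/ftp>
    User ftp
    UserAlias anonymous ftp
    <Limit WRITE>
      DenyAll
    </Limit>
  </Anonymous>
</VirtualHost>
"""

OPEN = re.compile(r"^<(\w+)(?:\s+([^>]*))?>$")   # e.g. <VirtualHost 192.0.2.10>
CLOSE = re.compile(r"^</(\w+)>$")                # e.g. </VirtualHost>

def find_anonymous_sections(conf_text):
    """Return one dict per active <Anonymous> section in the config text."""
    stack, found = [], []          # stack holds the enclosing (name, argument) pairs
    for lineno, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue               # blank lines and comments never enable anything
        m = CLOSE.match(line)
        if m:
            if stack and stack[-1][0].lower() == m.group(1).lower():
                stack.pop()
            continue
        m = OPEN.match(line)
        if m:
            name, arg = m.group(1), (m.group(2) or "").strip()
            if name.lower() == "anonymous":
                found.append({"line": lineno, "root": arg, "aliases": [],
                              "context": [f"{n} {a}".strip() for n, a in stack]})
            stack.append((name, arg))
            continue
        parts = line.split()
        in_anon = any(n.lower() == "anonymous" for n, _ in stack)
        if in_anon and parts[0].lower() == "useralias" and len(parts) >= 3:
            found[-1]["aliases"].append(parts[1])   # login name clients may use
    return found
```

An empty result only means no anonymous section is active in the text that was checked; as the message notes, a regular user with download permission is a separate case.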