[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] ProFTPD Bug - may lead to a security issue

Subject: Re: [cobalt-security] ProFTPD Bug - may lead to a security issue
From: "Jonathan Michaelson" <michaelsonjd@xxxxxxxxxxx>
Date: Wed, 19 Dec 2001 22:23:14 -0000
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

> > There's no exploit  - yet.
> >
> > ProFTPD have release a bug fix version, but I haven't tried applying it
to
> > the RaQs yet. I'm hoping Cobalt will be QUICK with this one and get a
> > package out ASAP.
>
> How can Cobalt be quick if there's no exploit yet?

Eh? You want to wait until people can hack into your server before you fix
it? That doesn't make sense.

The point is to plug the hole before the dam breaks. ProFTPD have an RC1
available that fixes the problem and it's sensible security practice to
implement before any exploit is developed - not that there necessarily will
be an exploit, but there could. Ever heard the concpet: prevention is better
than cure?

Regards,
Jonathan Michaelson

References:
- Re: [cobalt-security] ProFTPD Bug - may lead to a security issue
  - From: baltimoremd

Prev by Date: Re: [cobalt-security] RaQ4r: chkrootkit odd report: bash_history file size is 0
Next by Date: Re: [cobalt-security] ProFTPD Bug - may lead to a security issue
Previous by thread: Re: [cobalt-security] ProFTPD Bug - may lead to a security issue
Next by thread: RE: [cobalt-security] ProFTPD Bug - may lead to a security issue

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index