[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] ProFTPD Bug - may lead to a security issue
- Subject: Re: [cobalt-security] ProFTPD Bug - may lead to a security issue
- From: "Jonathan Michaelson" <michaelsonjd@xxxxxxxxxxx>
- Date: Wed, 19 Dec 2001 22:26:40 -0000
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Jeff,
> > http://www.securityfocus.com/archive/1/246331
> >
> > There's no exploit - yet.
>
> It should also be noted that they are not even sure if it is
> exploitable. Not all free() bugs are exploitable.
This may be true, but after what happened with wu-ftpd, I for one am rather
jumpy about this. Considering that ProFTPD already have a release available
that fixes this, can we assume that you (Sun/Cobalt) are looking into
putting the new RC into a package as a matter of urgency?
Regards,
Jonathan Michaelson