[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] ProFTPD Bug - may lead to a security issue
- Subject: [cobalt-security] ProFTPD Bug - may lead to a security issue
- From: Barbara <thebizworkers@xxxxxxxxx>
- Date: Wed, 19 Dec 2001 20:18:03 -0800 (PST)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
>Jeff, this is true, however if there was an
>exploitable buffer overrunn code similar to
>wuftpd versions it would not effect the Raqs
>anyway since they come with stack execution
>disabled, which protects it from exploit code
>overruns/overflows, thus eliminating the need
>to scramble to patch the Raqs.
WRONG!!! I personally can vouch that this *IS* a
threat to RaQ's (3&4) because we just had a local user
try and use it against us just yesterday... They
didn't succeed in hacking into the box (as far as we
can tell), but they DID manage to bring it down... All
our RaQ's are fully patched and up to date (and then
some).. But afterwards, we found our logs FULL of
buffer overruns and kernel calls (traces) and all
kinds of other fun stuff from their attempt...
Eventually the system had so many open files it just
started rejecting everything and eventually crashed.
Make no mistake - THIS IS A VALID THREAT TO RAQ'S and
needs plugged ASAP!! We have since disabled FTP on all
our systems until a patch is released. Let's not be
fooled with a false sense of security regarding this
one..
__________________________________________________
Do You Yahoo!?
Check out Yahoo! Shopping and Yahoo! Auctions for all of
your unique holiday gifts! Buy at http://shopping.yahoo.com
or bid at http://auctions.yahoo.com