[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] ProFTPD Bug - may lead to a security issue

Subject: Re: [cobalt-security] ProFTPD Bug - may lead to a security issue
From: "Jonathan Michaelson" <michaelsonjd@xxxxxxxxxxx>
Date: Thu, 20 Dec 2001 17:11:36 -0000
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Mark, 

>   I have validated this issue.  The interesting thing is that when you
> attempt to execute the sequence to evoke the bug under a windows ftp
> client, the proftpd process fails to crash.  However, when a unix ftp
> client is used, the proftpd process does indeed crash.
> 
> We are researching exactly why this is the case.  I expect that shortly
> after 1:00pm EST today (Thursday) we will have a better idea of when we
> can have a patch.  (That's California-arrive-at-work-time :-).
> 
> I will spend the morning attempting to see if this can be exploited
> maliciously.  Expect a post later today.

That's great :-) Thanks for the great response.

Regards,
Jonathan Michaelson

References:
- RE: [cobalt-security] ProFTPD Bug - may lead to a security issue
  - From: Mark Carey

Prev by Date: Re: [cobalt-security] named: denied update log entires
Next by Date: Re: [cobalt-security] named: denied update log entires
Previous by thread: RE: [cobalt-security] ProFTPD Bug - may lead to a security issue
Next by thread: [cobalt-security] ProFTPD Bug - may lead to a security issue

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index