[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Security issue ProFTPD

Subject: Re: [cobalt-users] Security issue ProFTPD
From: Dmitry Alexeyev <dmi_a@xxxxxxxxxx>
Date: Fri Mar 5 07:31:00 2004
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

I downloaded exploit and tried it... Doesn't seem to work
It shuts down FTP server though... 

RPM packages: 
http://www.cobaltsupport.com/proftpd-1.2.9-cs1.i386.rpm
http://www.cobaltsupport.com/proftpd-conf-pacifica-cs1.noarch.rpm

Source packages: 
http://www.cobaltsupport.com/proftpd-1.2.9-cs1.src.rpm
http://www.cobaltsupport.com/proftpd-conf-pacifica-cs1.src.rpm

Installation: 

# rpm -Uvh http://www.cobaltsupport.com/proftpd-1.2.9-cs1.i386.rpm 
http://www.cobaltsupport.com/proftpd-conf-pacifica-cs1.noarch.rpm
(in one line) 

Let me know how it works. 

Bear in mind, it is not fully tested in production, so use with care, 
and do backup of your current package: 

# tar zcvf proftpd.tgz `rpm -ql proftpd`
# tar zcvf proftpp-conf.tgz `rpm -ql proftpd-conf`

WBR,
Dmitry

> Hello,
>
> > Just got this message.
> > Does anyone know if version 1.2.5 is vulnerable too?
>
> Not really sure about it. And quite old bug by the way, 1.2.9 was
> released in October, 2003.
>
> > Is there a raq4 pkg for version 1.2.9rc3 ?
>
> There's 1.2.9 release RPM package, do you want me to upload it
> somewhere?
>
> Regards,
> Dmitry

Follow-Ups:
- Re: [cobalt-users] Security issue ProFTPD
  - From: Gerard Roos

References:
- [cobalt-users] Security issue ProFTPD
  - From: Gerard Roos
- Re: [cobalt-users] Security issue ProFTPD
  - From: Dmitry Alexeyev

Prev by Date: [cobalt-users] Rsync Setup Question
Next by Date: Re: [cobalt-users] Rsync Setup Question
Previous by thread: Re: [cobalt-users] Security issue ProFTPD
Next by thread: Re: [cobalt-users] Security issue ProFTPD

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index