[35967] in North American Network Operators' Group
Re: FTP exploit?
daemon@ATHENA.MIT.EDU (Daniel Roesen)
Tue Mar 20 05:09:30 2001
Date: Tue, 20 Mar 2001 11:07:26 +0100
From: Daniel Roesen <droesen@entire-systems.com>
To: nanog@merit.edu
Message-ID: <20010320110726.A29653@hydra.entire-systems.com>
Mail-Followup-To: nanog@merit.edu
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <5.0.2.1.0.20010319191119.00ab24a8@babyblue.boii.com>; from ken@boii.com on Mon, Mar 19, 2001 at 07:17:32PM -0500
Errors-To: owner-nanog-outgoing@merit.edu
On Mon, Mar 19, 2001 at 07:17:32PM -0500, ken harris. wrote:
> it was another one of those 'i'm so elite i'm going to
> notify the vendors 30 minutes before posting to bugtraq'
15 minutes. And this <censored> even ran a DoS attack against
ftp.proftpd.org to prove his point.
> so right now vendors are working on latest versions.
For ProFTPD a workaround exists. For the interested ones:
http://www.proftpd.org/critbugs.html
Best regards,
Daniel (ProFTPD RPM packaging maintainer)
