[12550] in bugtraq
Update on Auto_FTP
daemon@ATHENA.MIT.EDU (Ben)
Fri Nov 12 13:10:29 1999
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <382BE631.6934568C@sd2600.net>
Date: Fri, 12 Nov 1999 02:04:35 -0800
Reply-To: skalore@nfsg.org
From: Ben <skalore@SD2600.NET>
X-To: BUGTRAQ <bugtraq@securityfocus.com>
To: BUGTRAQ@SECURITYFOCUS.COM
Update on Auto_FTP Initial Vulnerabilities
Nightfall Security Group [http://www.nfsg.org]
Skalore [skalore@nfsg.org]
In the 5th of October, 1999 Nightfall Security Group reported on several
flaws within Auto_FTP version 0.2. We are proud to announce that the
author Joshua Curtis, has made significant updates and improvments to
the utility.
Auto_FTP v0.03 now:
- Creates a random directory in a directory structure your specify to
transfer files from
- The program will now check auto_ftp.conf to verify that the owner is
correct, if it is not it will not send the file and will alert root
- You can define users who can utilize the program
- The documentation also includes on how to make auto_ftp.conf not
readable by everyone
Joshua Curtis is an example of programmers who take considerations very
seriously and who correct flaws within their programs in a reasonable
time and notify the public about it. Auto_FTP is now a program that is
worth taking a look at.
-- FINAL UPDATE Auto_FTP v0.02 --
Nightfall Security Group [http://www.nfsg.org]
Skalore [skalore@nfsg.org]
--
------------------
skalore@nfsg.org
Chairman of ToorCon (http://www.toorcon.com)
Founder of San Diego 2600 (http://www.sd2600.net)
"If people are good only because they fear punishment, and hope for reward,
then we are a sorry lot indeed."
- Albert Einstein
------------------
