[22339] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Multiple-Vendor-FTP-Vuln. (old?)

daemon@ATHENA.MIT.EDU (Scott Dier)
Mon Aug 20 19:11:16 2001

Date: Mon, 20 Aug 2001 15:35:06 -0500
From: Scott Dier <dieman@ringworld.org>
To: Enrico Kern <IphantomI@web.de>
Cc: bugtraq@securityfocus.com
Message-ID: <20010820153506.M9092@ringworld.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200108201320.f7KDKZK26818@mailgate4.cinetic.de>

* Enrico Kern <IphantomI@web.de> [010820 12:31]:
> Hi,
> 
> i tested an old proftpd bug (ls /../*/../*/../*/../*/../*/../*/../*) on =

http://www.proftpd.org/critbugs.html

Add "DenyFilter \*.*/" to your config.

No software patch beats actual systems administration.

-- 
Scott Dier <dieman@ringworld.org> <sdier@debian.org>
http://www.ringworld.org/  #linuxos@irc.openprojects.net


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[22339] in bugtraq

Re: Multiple-Vendor-FTP-Vuln. (old?)

daemon@ATHENA.MIT.EDU (Scott Dier)Mon Aug 20 19:11:16 2001

daemon@ATHENA.MIT.EDU (Scott Dier)
Mon Aug 20 19:11:16 2001