[9582] in bugtraq
Re: [proftpd-l] root compromise ? (fwd)
daemon@ATHENA.MIT.EDU (Dirk Moerenhout)
Mon Feb 15 03:57:20 1999
Date: Sun, 14 Feb 1999 00:55:28 +0100
Reply-To: Dirk Moerenhout <dirk@STAF.PLANETINTERNET.BE>
From: Dirk Moerenhout <dirk@STAF.PLANETINTERNET.BE>
X-To: Joe Schmo <mj@MYDESKTOP.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.BSI.3.95.990212173234.3346A-100000@www.mydesktop.com>
Proftpd 1.2.0pre1 is not patched. If it is, then it is very weird that
there is a patch on the ftp-site for this problem.
1.2.0pre1 is probably partially patched already and the patch on the
ftp-site is not made against the currently up 1.2.0pre1. Cause if you
patch it you will get rejects.
You should handcode the rejects in to have the result the patch aims at.
As most hunks of the patch are applied successfully it is very unlikely
that the result intended with the patch is already implemented in
1.2.0pre1. So I'd consider it unpatched ...
Dirk Moerenhout
On Fri, 12 Feb 1999, Joe Schmo wrote:
> I believe the current proftpd...1.2.0pre1 is patched already
>
>
> ----
> Michael Jarmark
> Head System Administrator
> Mydesktop Network
> http://www.mydesktop.com
>
