[15583] in bugtraq
Re: [slackware-security] wu-ftpd remote exploit patched
daemon@ATHENA.MIT.EDU (jim)
Fri Jun 30 18:46:01 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.3.96.1000630140339.3058A-100000@madeira.physiol.ucl.ac.uk>
Date: Fri, 30 Jun 2000 14:10:51 +0100
Reply-To: jim <jim@MADEIRA.PHYSIOL.UCL.AC.UK>
From: jim <jim@MADEIRA.PHYSIOL.UCL.AC.UK>
X-To: Slackware Security Team <security@slackware.com>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.LNX.4.10.10006280215040.20918-100000@www.slackware.com>
> The wu-ftpd daemon is part of the tcpip1.tgz package in the N series. A
> new tcpip1.tgz package is now available in the Slackware 7.1 tree. We
> have also provided a seperate patch package for users who have already
> installed Slackware 7.1 and just want the new FTP daemon.
It would appear though, that the _source_ for wu-ftpd, at least that in
the Slackware 7.1 source iso (md5sum 6f2dd5c32b82e71f9970074e8d9681f0) has
not been patched. Those of us who build Slackware components from source
should be aware of this and patch manually.
jim
--
http://madeira.physiol.ucl.ac.uk/people/jim/
"Revenge is an integral part of forgiving and forgetting" -The BOFH
