Date: Tue, 17 Aug 2004 13:47:25 -0500 From: "Jacques A. Vidrine" <nectar@FreeBSD.org> To: freebsd-security@freebsd.org Subject: remotely exploitable vulnerability in lukemftpd / tnftpd Message-ID: <20040817184725.GE46244@madman.celabo.org>
next in thread | raw e-mail | index | archive | help
Hi Everyone, http://vuxml.freebsd.org/c4b025bb-f05d-11d8-9837-000c41e2cdad.html A critical vulnerability was found in lukemftpd, which shipped with some FreeBSD versions (4.7 and later). However, with the exception of FreeBSD 4.7, lukemftpd was not built and installed by default. So, unless you are running FreeBSD 4.7-RELEASE or specified WANT_LUKEMFTP when building FreeBSD from source, you should not have lukemftpd installed. Even in FreeBSD 4.7, lukemftpd was installed but not enabled. More details will be available in a FreeBSD advisory to follow. Cheers, -- Jacques Vidrine / nectar@celabo.org / jvidrine@verio.net / nectar@freebsd.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040817184725.GE46244>