Originally Published: Friday, 3 September 1999 Author: Quentin Cregan
Published to: news_enhance_security/Security News Page: 1/1 - [Printable]

ProFTPD 1.2.0pre4 released

On the ProFTPD mailinglist, version 1.2.0pre4 was announced, which fixes the remote root compromise that cropped up on BugTraq over the weekend

   Page 1 of 1  

from BugTraq


It is not stated on the site yet, but on the ProFTPD mailinglist version 1.2.0pre4 was announced, which fixes the bug that was mailed to Bugtraq this weekend.

[snip from "MacGyver" (macgyver@tos.net) ]

Until then, I'm announcing ProFTPD 1.2.0pre4 -- this fixes the bug announced on BUGTRAQ, as well as addresses (hopefully) all the sprintf-style buffer overruns in ProFTPD. Please download, test, and knock it around. I suspect this version will still fail on FreeBSD (anyone care to offer up an account for me on a FreeBSD system to test on?).

You may get 1.2.0pre4 at ftp://ftp.tos.net/pub/proftpd/.

   Page 1 of 1