Originally Published: Friday, 3 September 1999 Author: Quentin Cregan
Published to: news_enhance_security/Security News Page: 1/1 - [Printable]

ProFTPD 1.2.0pre4 released

On the ProFTPD mailinglist, version 1.2.0pre4 was announced, which fixes the remote root compromise that cropped up on BugTraq over the weekend

   Page 1 of 1  

from BugTraq

Hi,

It is not stated on the site yet, but on the ProFTPD mailinglist version 1.2.0pre4 was announced, which fixes the bug that was mailed to Bugtraq this weekend.

[snip from "MacGyver" (macgyver@tos.net) ]

Until then, I'm announcing ProFTPD 1.2.0pre4 -- this fixes the bug announced on BUGTRAQ, as well as addresses (hopefully) all the sprintf-style buffer overruns in ProFTPD. Please download, test, and knock it around. I suspect this version will still fail on FreeBSD (anyone care to offer up an account for me on a FreeBSD system to test on?).

You may get 1.2.0pre4 at ftp://ftp.tos.net/pub/proftpd/.





   Page 1 of 1