|[Home] [Credit Search] [Category Browser] [Staff Roll Call]||The LINUX.COM Article Archive|
|Originally Published: Sunday, 21 November 1999||Author: Quentin Cregan|
|Published to: news_enhance_security/Security News||Page: 1/1 - [Printable]|
More proftpd issues
"A member of the proftpd mailing list and myself discovered a problem with proftpd with mod_sqlpw.c optional module compiled in. Unix last command reveals passwords where the username should be. A patch was sent to the mailing list, however, the patch only protects ftp localhost not ftp remotehost."