sqposter
11-29-2001, 11:03 AM
A wu-ftp vulnerability that can grant remote access to all files on a server.
This problem can affect every server running it. Red hat issued a release.
I came across it by accident from this page on cnet
http://news.cnet.com/news/0-1003-200-8007615.html
so please update and secure your servers.
-Sqposter / Michael
William
11-29-2001, 01:21 PM
who in gods name would use that ftp deamon..
sqposter
11-29-2001, 01:51 PM
Good question, but better that everyone know what's going on than opening more servers to hackers.
Besides, how many people are at co-location that run red hat staight out of the box. I think that both of us would be surprised at how high this might be.
-Sqposter / Michael
bobcares
11-29-2001, 04:03 PM
proftpd is a good ftp server.
I'd any day suggest installing that on redhat rather than wu-ftp..
have a great day :)_
Regards
amar
clocker1996
11-29-2001, 08:56 PM
Wuftpd is a bad ftp server
I use vftpd
its great
2Grumpy
11-29-2001, 11:26 PM
Originally posted by sqposter
A wu-ftp vulnerability that can grant remote access to all files on a server.
This problem can affect every server running it. Red hat issued a release.
I came across it by accident from this page on cnet
http://news.cnet.com/news/0-1003-200-8007615.html
so please update and secure your servers.
-Sqposter / Michael
I just had to uninstall wu and install proftpd on my secondary nameserver that runs Mandrake er 7.2 I think it is.
Anyway my question is, considering the history of wu-ftpd and proftpd, WHY IS WU installed by default and proftpd left on the CD when you install RH and Mandrake? EEESH.
Seems like wu-ftpd is nearly as prone to root exploits as Windows machines are to just plain rebooting.
