[security] Debian Security Advisory
Lorenzo Iannuzzi
nakis a libero.it
Mar 9 Mar 2004 16:42:09 CET
http://www.debian.org/security/
Two vulnerabilities were discovered in wu-ftpd:
CAN-2004-0148 - Glenn Stewart discovered that users could bypass the
directory access restrictions imposed by the restricted-gid option by
changing the permissions on their home directory. On a subsequent
login, when access to the user's home directory was denied, wu-ftpd
would fall back to the root directory.
CAN-2004-0185 - A buffer overflow existed in wu-ftpd's code which
deals with S/key authentication.
--
Ciao e alla prossima!
Lorenzo
-------------- parte successiva --------------
Un allegato non testuale è stato rimosso....
Nome: non disponibile
Tipo: application/pgp-signature
Dimensione: 244 bytes
Descrizione: non disponibile
Url: http://itlists.org/pipermail/security/attachments/20040309/564668fc/attachment.pgp
Maggiori informazioni sulla lista
security