-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[slackware-security] proftpd (SSA:2020-051-01)
New proftpd packages are available for Slackware 14.0, 14.1, 14.2, and -current
to fix a security issue.
Here are the details from the Slackware 14.2 ChangeLog:
+--+
patches
https://www.debian.org/security/faq
- -
Package: proftpd-dfsg
CVE ID : CVE-2019-18217
Debian Bug : 942831
Stephan Zeisberg discovered that missing input validation in ProFTPD, a
FTP/SFTP/FTPS
https://www.debian.org/security/faq
- -
Package: proftpd-dfsg
CVE ID : CVE-2019-12815
Debian Bug : 932453
Tobias Maedel discovered that the mod_copy module of ProFTPD, a
FTP/SFTP/FTPS server
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[slackware-security] proftpd (SSA:2017-112-03)
New proftpd packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix security issues.
Here are the details from the Slackware 14.2 ChangeLog
===
Credit: Nicholas Lemonias
.::PROFTPD v1.3.5a HEAP OVERFLOWS / MALLOC CORRUPTION ::.
ADVANCED INFORMATION SECURITY CORPORATION
Keeping Things Simple!
==
.:.
.8
===
Credit: Nicholas Lemonias
.::PROFTPD v1.3.5a HEAP OVERFLOWS / MALLOC CORRUPTION ::.
ADVANCED INFORMATION SECURITY CORPORATION
Keeping Things Simple!
==
.:.
.8
.::PROFTPD v1.3.5a Heap / Malloc Vulnerabilities ::.
ADVANCED INFORMATION SECURITY CORPORATION
Credit: Nicholas Lemonias
Date: 29/11/2015
=
a888b
===
Date: 22/11/2015
Credit: Nicholas Lemonias
.::PROFTPD v1.3.5a HEAP OVERFLOWS ::.
ADVANCED INFORMATION SECURITY CORPORATION
===
Date: 22/11/2015
Credit: Nicholas Lemonias
.::PROFTPD v1.3.5a HEAP OVERFLOWS ::.
ADVANCED INFORMATION SECURITY CORPORATION
===
Date: 29/11/2015
Credit: Nicholas Lemonias
.::PROFTPD v1.3.5a HEAP OVERFLOWS ::.
ADVANCED INFORMATION SECURITY CORPORATION
===
Date: 29/11/2015
Credit: Nicholas Lemonias
.::PROFTPD v1.3.5a HEAP OVERFLOWS ::.
ADVANCED INFORMATION SECURITY CORPORATION
===
Date: 29/11/2015
Credit: Nicholas Lemonias
.::PROFTPD v1.3.5a HEAP OVERFLOWS ::.
ADVANCED INFORMATION SECURITY CORPORATION
===
Credit: Nicholas Lemonias
.::PROFTPD v1.3.5a HEAP OVERFLOWS / MALLOC CORRUPTION ::.
ADVANCED INFORMATION SECURITY CORPORATION
Keeping Things Simple
===
Date: 29/11/2015
Credit: Nicholas Lemonias
.::PROFTPD v1.3.5a HEAP OVERFLOWS ::.
ADVANCED INFORMATION SECURITY CORPORATION
===
Date: 29/11/2015
Credit: Nicholas Lemonias
.::PROFTPD v1.3.5a HEAP OVERFLOWS ::.
ADVANCED INFORMATION SECURITY CORPORATION
===
Date: 29/11/2015
Credit: Nicholas Lemonias
.::PROFTPD v1.3.5a HEAP OVERFLOWS ::.
ADVANCED INFORMATION SECURITY CORPORATION
Advanced Information Security Corporation
===
Date: 22/11/2015
Credit: Nicholas Lemonias
.::PROFTPD v1.3.5a HEAP OVERFLOWS ::.
ADVANCED INFORMATION SECURITY CORPORATION
Advanced Information Security Corporation
===
Date: 22/11/2015
Credit: Nicholas Lemonias
.::PROFTPD v1.3.5a HEAP OVERFLOWS ::.
ADVANCED INFORMATION SECURITY CORPORATION
Advanced Information Security Corporation
===
Date: 22/11/2015
Credit: Nicholas Lemonias
.::PROFTPD v1.3.5a HEAP OVERFLOWS ::.
ADVANCED INFORMATION SECURITY CORPORATION
Advanced Information Security Corporation
===
Date: 22/11/2015
Credit: Nicholas Lemonias
.::PROFTPD v1.3.5a HEAP OVERFLOWS ::.
ADVANCED INFORMATION SECURITY CORPORATION
Advanced Information Security Corporation
===
Date: 22/11/2015
Credit: Nicholas Lemonias
.:: PROFTPD v1.3.5a HEAP OVERFLOWS
===
Date: 22/11/2015
Credit: Nicholas Lemonias
.::PROFTPD v1.3.5a HEAP OVERFLOWS ::.
ADVANCED INFORMATION SECURITY CORPORATION
===
Date: 22/11/2015
Credit: Nicholas Lemonias
.::PROFTPD v1.3.5a HEAP OVERFLOWS ::.
ADVANCED INFORMATION SECURITY CORPORATION
http://www.debian.org/security/faq
- -
Package: proftpd-dfsg
CVE ID : CVE-2015-3306
Debian Bug : 782781
Vadim Melihow discovered that in proftpd-dfsg, an FTP server, the
mod_copy module
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[slackware-security] proftpd (SSA:2015-111-12)
New proftpd packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix a security issue.
Here are the details from the Slackware 14.1 ChangeLog
/
___
Package : proftpd
Date: October 3, 2013
Affected: Business Server 1.0, Enterprise Server 5.0
___
Problem Description:
A vulnerability has been discovered and corrected in proftpd:
Integer overflow in
http://www.debian.org/security/faq
- -
Package: proftpd-dfsg
Vulnerability : denial of service
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-4359
Debian Bug : 723179
Kingcope
Hi there!
See my blog post about the mentioned vulnerability.
http://kingcope.wordpress.com/2013/09/11/proftpd-mod_sftpmod_sftp_pam-invalid-pool-allocation-in-kbdint-authentication/
Cheers,
Kingcope
/
___
Package : proftpd
Date: April 5, 2013
Affected: Business Server 1.0, Enterprise Server 5.0
___
Problem Description:
A vulnerability has been found and corrected in proftpd:
ProFTPD before 1.3.5rc1
http://www.debian.org/security/faq
- -
Package: proftpd-dfsg
Vulnerability : symlink race
Problem type : local
Debian-specific: no
CVE ID : CVE-2012-6095
Debian Bug : 697524
It has been
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[slackware-security] proftpd (SSA:2012-041-04)
New proftpd packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0,
13.1, 13.37, and -current to fix security issues.
Here are the details from the Slackware 13.37 ChangeLog
/
___
Package : proftpd
Date: December 7, 2011
Affected: 2010.1, 2011., Enterprise Server 5.0
___
Problem Description:
A vulnerability was discovered and fixed in proftpd:
Use-after-free vulnerability in the Response
http://www.debian.org/security/faq
- -
Package: proftpd-dfsg
Vulnerability : several
Problem type : remote
Debian-specific: no
Debian Bug : 648922
The ProFTPD security update, DSA-2346-1, introduced
http://www.debian.org/security/faq
- -
Package: proftpd-dfsg
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-4130
Debian Bug : 648373
Several
/
___
Package : proftpd
Date: March 18, 2011
Affected: 2010.0, 2010.1
___
Problem Description:
A vulnerability was discovered and corrected in proftpd:
Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD
http://www.debian.org/security/faq
- -
Package: proftpd-dfsg
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2008-7265 CVE-2010-3867 CVE-2010-4652
Several
http://www.debian.org/security/faq
- -
Package: proftpd-dfsg
Vulnerability : integer overflow
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-1137
It was discovered that an integer
/
___
Package : proftpd
Date: February 8, 2011
Affected: 2009.0, 2010.0, 2010.1, Enterprise Server 5.0
___
Problem Description:
A vulnerability has been found and corrected in proftpd:
Heap-based buffer overflow in the
/
___
Package : proftpd
Date: November 11, 2010
Affected: 2009.0, 2009.1, 2010.0, 2010.1, Corporate 4.0,
Enterprise Server 5.0
___
Problem Description:
Multiple vulnerabilities were discovered and corrected in
/
___
Package : proftpd
Date: December 22, 2009
Affected: 2008.0, 2009.0, 2009.1, 2010.0, Corporate 4.0,
Enterprise Server 5.0
___
Problem Description:
A vulnerability has been identified and corrected in
http://www.debian.org/security/faq
-
Package: proftpd-dfsg
Vulnerability : insufficient input validation
Problem type : remote
Debian-specific: no
CVE Id : CVE-2009-3639
It has been discovered that
/
___
Package : proftpd
Date: October 23, 2009
Affected: 2009.0, 2009.1, Corporate 3.0, Corporate 4.0,
Enterprise Server 5.0
___
Problem Description:
A vulnerability has been identified and corrected in
/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: ProFTPD: Multiple vulnerabilities
Date: March 12, 2009
Bugs: #258450
ID: 200903-27
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
Two
http://www.debian.org/security/faq
-
Package: proftpd-dfsg
Vulnerability : SQL injection vulnerabilites
Problem type : remote
Debian-specific: no
CVE Id : CVE-2009-0542 CVE-2009-0543
The security
http://www.debian.org/security/faq
- --
Package: proftpd-dfsg
Vulnerability : SQL injection vulnerabilites
Problem type : remote
Debian-specific: no
CVE Ids: CVE-2009-0542 CVE-2009-0543
Two
Reproduceable under Gentoo with Proftpd 1.3.1 - But not under debian
etch with Proftpd 1.3.0
The newst Proftpd in Gentoo is 1.3.2-rc2, but there seems to be an
Mysql-related patch in the build-file now. I also tested vanilla
1.3.2-rc4 and 1.3.2, with all three the sql-injection is not
andling of the "%" character (probably
> that's some way to sanitize input to avoid format string things?).
>
> Anyway, %' effectively makes the single quote unescaped and that eventually
> allows for an SQL injection during login.
Tested also on Debian Etch ProFTPD 1.3.0
Does not work.
E
, 2009 2:49:53 PM GMT -05:00 Colombia
Subject: Another SQL injection in ProFTPd with mod_mysql (probably postgres as
well)
Hello,
Just found out a problem with proftpd's sql authentication. The problem is
easily reproducible if you login with username like:
USER %') and 1=2 union sele
Looks like a very serious issue to me - it works on our ProFTPD
1.3.2rc2 Server (latest stable on gentoo).
220 ProFTPD 1.3.2rc2 Server (Pumpkin) [xx.xx.xx.xx]
USER %') and 1=2 union select
1,0x24312452565a583533784324716a304d4d6b4670426b4b486177644264756634392f,uid,gid,homedir,shell
fro
Uh-oh, sorry, bad copy-paste..the user is just
%') and 1=2 union select 1,1,uid,gid,homedir,shell from users; --
not
USER %') and 1=2 union select 1,1,uid,gid,homedir,shell from users; --
I am using debian packaged proftpd 1.3.1-16 if that matters.
\n[+] ./exploit.pl ftp.target.net
\n\n" ; exit();}
$host = $ARGV[0];
system("cls") ;
print
"------\n".
"[+] ProFTPd with mod_mysql Authentication Bypass
Exploit \n".
Hi,
On Tue, 2009-02-10 at 19:49 +, gat3...@gat3way.eu wrote:
> Just found out a problem with proftpd's sql authentication. The problem is
> easily reproducible if you login with username like:
Could you please provide the version number which is affected by this?
Running ProF
Hello,
Just found out a problem with proftpd's sql authentication. The problem is
easily reproducible if you login with username like:
USER %') and 1=2 union select 1,1,uid,gid,homedir,shell from users; --
and a password of "1" (without quotes).
which leads to a successful login. Diff
http://www.debian.org/security/faq
- --
Package: proftpd-dfsg
Vulnerability : missing input validation
Problem type : remote
Debian-specific: no
CVE ID : CVE-2008-4242
Debian Bug : 502674
/
___
Package : proftpd
Date: June 20, 2007
Affected: 2007.0, 2007.1, Corporate 3.0, Corporate 4.0
___
Problem Description:
The Auth API in ProFTPD, when multiple simultaneous authentication
modules are configured
At least next time that you stole code from other people be sure to change
usage sub too you l33t h4x0r
http://www.0xcafebabe.it/sploits/revenge_proftpd_ctrls_26.pl
http://www.0xcafebabe.it/sploits/revenge_proftpd_ctrls_24.pl
-Revenge
Hmm, anyone know if the release candidates on proftpd.org are vulnerable
to this?
Mark**
[EMAIL PROTECTED] wrote:
#!/usr/bin/perl -w
# Local Exploit
#
# [ Exploitation condition ]
# - proftpd must be compiled with --enable-ctrls option
# - local user needs permission to connect through
n 19 Feb 2007 19:43:41 -, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
#!/usr/bin/perl -w
# Local Exploit
#
# [ Exploitation condition ]
# - proftpd must be compiled with --enable-ctrls option
# - local user needs permission to connect through unix socket (from
proftpd.conf)
#
#
#!/usr/bin/perl -w
# Local Exploit
#
# [ Exploitation condition ]
# - proftpd must be compiled with --enable-ctrls option
# - local user needs permission to connect through unix socket (from
proftpd.conf)
#
# This one works for 2.6 exploitation against gcc 4.x
# Payload will bind /bin/sh
/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: ProFTPD: Local privilege escalation
Date: February 13, 2007
Bugs: #158122
ID: 200702-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
A flaw
/
___
Package : proftpd
Date: January 23, 2007
Affected: Corporate 3.0
___
Problem Description:
A stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0
and earlier, allows remote attackers to cause a
http://www.debian.org/security/faq
- --
Package: proftpd
Vulnerability : programming error
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2005-4816
Debian Bug : 404751
Martin Loewer
/
___
Package : proftpd
Date: December 18, 2006
Affected: 2007.0
___
Problem Description:
Stack-based buffer overflow in the pr_ctrls_recv_request function in
ctrls.c in the mod_ctrls module in ProFTPD before
-15
Issue Revision: 07
Subject Name:ProFTPD
Subject Summary: Professional FTP Daemon
Subject Home:http://www.proftpd.org/
Subject Versions:* < 1.3.1rc1
Vulnerability
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Core Security Technologies - Corelabs Advisory
http://www.coresecurity.com/corelabs/
ProFTPD Controls Buffer Overflow
Date Published: 2006-12-13
Last Update: 2006-12-12
Advisory ID: CORE-2006-1127
http://www.debian.org/security/faq
- --
Package: proftpd
Vulnerability : several
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2006-5815 CVE-2006-6170 CVE-2006-6171
Debian Bug
/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: ProFTPD: Remote execution of arbitrary code
Date: November 30, 2006
Bugs: #154650
ID: 200611-26
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
/
___
Package : proftpd
Date: November 30, 2006
Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0
___
Problem Description:
A stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0
and earlier
http://www.debian.org/security/faq
- --
Package: proftpd
Vulnerability : several
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2006-5815 CVE-2006-6170 CVE-2006-6171
Debian Bug
Hi
Can i get this straight, vendor was notified on the 16th of November,
but this vulnerability has been part of VulnDisco since Jan 2006? Is
that actually correct? This was known about ten months ago but not
disclosed until now?
Mark
[EMAIL PROTECTED] wrote:
Name: ProFTPD
Name: ProFTPD mod_tls pre-authentication buffer overflow
Vendor: http://www.proftpd.org
Release date: 28 Nov, 2006
Author: Evgeny Legerov <[EMAIL PROTECTED]>
I. DESCRIPTION
A remote buffer overflow vulnerability has been found in mod_tls module of
ProFTPD serve
;s sreplace() function to allow a remote
attacker to execute arbitrary code.
This vulnerabillity, identified as CVE-2006-5815[3], is believed to affect
all versions of ProFTPD up to and including 1.3.0, but exploitability has
only been demonstrated with version 1.3.0rc3. The demonstrated exploit
reli
ww.mandriva.com/security/
> ___
>
> Package : proftpd
> Date: November 20, 2006
> Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0
> ___
>
> Problem Description:
>
> As
/
___
Package : proftpd
Date: November 20, 2006
Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0
___
Problem Description:
As disclosed by an exploit (vd_proftpd.pm) and a related vendor bugfix,
a Denial of
http://www.debian.org/security/faq
- --
Package: proftpd
Vulnerability : programming error
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2006-5815
Debian Bug : 399070
It was
2006-11-16
Package: proftpd
Vulnerability:denial of service
OpenPKG Specific: no
Affected Series: Affected Packages: Corrected Packages:
E1.0-SOLID<= proftpd-1.
> Hello,
>
> 1. I know that the workaround with the DenyFilter works.
Actually it turns out there is no need for DenyFilter.
> 2. Proftpd by default doesn't have this filter set, neither has the
>default proftpd install on slackware 8.1
In any event this is immaterial a
Hello,
1. I know that the workaround with the DenyFilter works.
2. Proftpd by default doesn't have this filter set, neither has the
default proftpd install on slackware 8.1
3. The methods mentioned on the page you refer to do not work on later
proftpd versions (tested on 1.2.7rc3) be
Hello,
proftpd is vulnerable to denial of service similar to the list
*/../*/../*/../*.
#!/bin/sh
#
# proftpd <=1.2.7rc3 DoS - Requires anonymous/ftp login at least
# might work against many other FTP daemons
# consumes nearly all memory and alot of CPU
#
# tested against slackware 8.1 - prof
This is so old I can't even find any postings/articles I remember making on
it. Here is one link from early last year:
http://lwn.net/2001/0322/a/proftpd-dos.php3
Check the documentation:
DenyFilter \*.*/
Problem solved.
People should search Google before posting, it's far less e
At 03:40 PM 3/29/2002, martin f krafft wrote:
> ls */../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*
...
> DenyFilter \*.*/
Just as a quick question, why not deny the string "/../" (you may have to
deny the regex "/\.\./", depending how the filter in question works)?
As far as
dear bugtraq'ers,
i must confess that the information i provided wrt the acclaimed DoS
exploit in Debian potato's proftpd package (1.2.0pre10-2.0potato1) was
not fully accurate. the package *does in fact contain a buggy daemon*
despite having been fixed, according to the changelog:
also sprach Joe Dollard <[EMAIL PROTECTED]> [2002.03.25.2114 +0100]:
> The version of proftp that is in debian potato (1.2.0pre10 as
> reported by running 'proftpd -v ') is vulnerable to a glob DoS
> attack, as discovered on the 15th March 2001. You ca
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mandrake Linux Security Update Advisory
Package name: proftpd
Date
ProFTPD Bug ID: 1066
(http://bugs.proftpd.org/show_bug.cgi?id=1066)
Versions affected:
ProFTPD 1.2.1 is vulnerable. Earlier versions are also believed to be
affected.
Problem commands:
Problem commands include:
ls */../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*
ls
-
Package: proftpd
Vulnerability : remote DOS & potential buffer overflow
Debian-specific: no
In Debian Security Advisory DSA 029-1 we have reported several
vulnerabilities in proftpd that have been fixed.
Hi
Trustix has made available security updates for Trustix secure linux.
kernel:
Trustix specific: no
Distribution versions: All
A race condition in ptrace allows a malicious user to gain root. A
signedness error in the sysctl interface also potentially allows a user
to gain root.
proftpd
-
Package: proftpd
Vulnerability: remote DOS & potential buffer overflow
Debian-specific: no
The following problems have been reported for the version of proftpd in
Debian 2.2 (potato):
1. There is a memory leak in the SIZE com
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Linux-Mandrake Security Update Advisory
Package name: proftpd
Date
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- --
PACKAGE : proftpd
SUMMARY : Denial of Service
DATE
===
Summary
===
Three issues with the ProFTPD FTP server have been reported to BUGTRAQ in
the past month. These issues have been addressed by the ProFTPD core team.
The following vulnerabilities are addressed in this advisory:
1. "SIZE memory leak"
http://www.securit
,
JeT Li -The Wushu Master-
proftpDoS.java
---
/* ProFTPd DoS version 1.1
Remote DoS in proFTPd
Code by: JeT-Li -The Wushu Master- [EMAIL PROTECTED]
Recently I
Another examples of bad coding in ftp daemons, proftpd-1.2.0rc2 in this case.
main.c:659:
void main_exit(void *pv, void *lv, void *ev, void *dummy)
{
int pri = (int) pv;
char *log = (char *) lv;
int exitcode = (int) ev;
log_pri(pri, log); /* here */
main_exit() is called by
> " ProFTPd has memory leakage bug when it executes the SIZE FTP command. By
> calling the FTP command SIZE 5000 times it possible to cause ProFTPd to
> consume over 300kB of memory. Exploiting this bug with more SIZE commands
> gives us simple DoS attack. Anonymous access is
Hello Bugtraq:
Not so much time ago a ProFTPd remote vulnerability was released:
" ProFTPd has memory leakage bug when it executes the SIZE FTP command. By
calling the FTP command SIZE 5000 times it possible to cause ProFTPd to
consume over 300kB of memory. Exploiting thi
-
The proftpd version that was distributed in Debian GNU/Linux 2.1
had several buffer overruns that could be exploited by remote
attackers. A short list of problems:
* user input was used in snprintf() without sufficient checks
* there was an
Tested on Linux with standard RedHat 6.0 install (w/glibc 2.0
compatability), proftpd installed with configure/make/make install...
- ftp to host
- login (anonymous or no)
(this should be all on one line, no spaces)
ftp> ls aaa%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u
%u%u%
really have no clue if there are exploits possible for the other issues
that might allow breakins; please keep up to date and upgrade as soon as
the new version is available).
Anyhow, here's the patch:
--- proftpd-1.2.0pre6.old/src/main.cFri Sep 10 15:49:32 1999
+++ proftpd-1.2.0pre6/src/m
-BEGIN PGP SIGNED MESSAGE-
__
SuSE Security Announcement
Package: proftpd-1.2.0pre6 and earlier
Date: Thu Sep 16 20:59:18 CEST 1999
Affected: all UNIX
Please trust me. it's still not secure.
Exploit in a few days.
-Tymm
On Wed, 15 Sep 1999, Albert C. Uy wrote:
> ...has been released.
>
> http://www.proftpd.org
>
> or
>
> ftp://ftp.tos.net/pub/proftpd
>
1 - 100 of 121 matches
Mail list logo
