You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Brian Behlendorf <br...@hyperreal.org> on 1999/02/11 04:42:25 UTC
FTP to apache.org
Just a note; a security hole was recently posted on bugtraq that affects
various FTP servers, including wu-ftpd and proftpd. This hole apparently
can allow anonymous users to gain root. As it was serious, we shut down
the FTP server; we'll be bringing it back up as soon as either an official
patch from the wu-ftpd team is posted and we can verify it works, or we
manage to complete install of another FTP daemon. Thanks for your
patience.
Brian
Re: FTP to apache.org
Posted by Vincent Janelle <vj...@home.com>.
The VR series of wu-ftpd has the fix. I do believe though that wu-ftpd
has been abandoned by its creators, the university of washington.
Brian Behlendorf wrote:
>
> Just a note; a security hole was recently posted on bugtraq that affects
> various FTP servers, including wu-ftpd and proftpd. This hole apparently
> can allow anonymous users to gain root. As it was serious, we shut down
> the FTP server; we'll be bringing it back up as soon as either an official
> patch from the wu-ftpd team is posted and we can verify it works, or we
> manage to complete install of another FTP daemon. Thanks for your
> patience.
>
> Brian