You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Brian Behlendorf <br...@hyperreal.org> on 1999/02/11 04:42:25 UTC

FTP to apache.org

Just a note; a security hole was recently posted on bugtraq that affects
various FTP servers, including wu-ftpd and proftpd.  This hole apparently
can allow anonymous users to gain root.  As it was serious, we shut down
the FTP server; we'll be bringing it back up as soon as either an official
patch from the wu-ftpd team is posted and we can verify it works, or we
manage to complete install of another FTP daemon.  Thanks for your
patience.

	Brian

Re: FTP to apache.org

Posted by Vincent Janelle <vj...@home.com>.

The VR series of wu-ftpd has the fix.  I do believe though that wu-ftpd
has been abandoned by its creators, the university of washington.

Brian Behlendorf wrote:
> 
> Just a note; a security hole was recently posted on bugtraq that affects
> various FTP servers, including wu-ftpd and proftpd.  This hole apparently
> can allow anonymous users to gain root.  As it was serious, we shut down
> the FTP server; we'll be bringing it back up as soon as either an official
> patch from the wu-ftpd team is posted and we can verify it works, or we
> manage to complete install of another FTP daemon.  Thanks for your
> patience.
> 
>         Brian