Source-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: CVS commit: pkgsrc
In article <385cb0d348%Thilo%riscpc.heh.uni-oldenburg.de@localhost>,
Thilo Manske <Thilo.Manske%HEH.Uni-Oldenburg.DE@localhost> writes:
> Does this fix those buffer overflows as described in CERT Advisory
> CA-99.03?
> http://www.cert.org/advisories/CA-99-03-FTP-Buffer-Overflows.html.
It does -- or at least it should. It incorporates the patch
RedHat made to its linux version of wu-ftpd. However, I just
read a message on bugtraq that some buffer overflow vulnerability
still remains with that fix.
I just performed a few tests, and yes, it seems like some holes
still remain. I'll investigate the source code and see whether I
can come up with a fix ...
Cheers
,
Rene
Home |
Main Index |
Thread Index |
Old Index