Source-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: src/libexec/ftpd
Module Name: src
Committed By: lukem
Date: Wed Jan 22 04:46:08 UTC 2003
Modified Files:
src/libexec/ftpd: ftpd.c version.h
Log Message:
Apply DoS fix as described by Crist J. Clark <crist.clark%attbi.com@localhost>
on <security%freebsd.org@localhost>, and subsequently in FreeBSD's cvs
repository
as libexec/ftpd/ftpd.c rev 1.133:
The FTP daemon was vulnerable to a DoS where an attacker could bind()
up port 20 for an extended period of time and thus lock out all other
users from establishing PORT data connections. Don't hold on to the
bind() while we loop around waiting to see if we can make our
connection.
Bump version to 20030122.
To generate a diff of this commit:
cvs rdiff -r1.149 -r1.150 src/libexec/ftpd/ftpd.c
cvs rdiff -r1.49 -r1.50 src/libexec/ftpd/version.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Home |
Main Index |
Thread Index |
Old Index