[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Proftpd



On Mon, Feb 26, 2001 at 02:20:15AM +0100, Daniel Roesen wrote:
> wu-ftpd:
> 
> * 2001-01-23: Wu-Ftpd Debug Mode Client Hostname Format String Vulnerability
> * 2000-06-22: Wu-Ftpd Remote Format String Stack Overwrite Vulnerability
> * 1999-12-20: Multiple Vendor FTP Conversion Vulnerability
> * 1999-10-21: Wu-ftpd SITE NEWER Denial of Service Vulnerability
> * 1999-10-19: Wu-ftpd message Buffer Overflow Vulnerability
> * 1999-08-22: Multiple Vendor Wu-Ftpd Buffer Overflow Vulnerability
> * 1995-11-30: wu-ftpd /bin SITE EXEC Misconfiguration Vulnerability
> * 1995-07-12: Multiple Vendor FTP Bounce Attack Vulnerability
> 
> ProFTPD:
> 
> * 2000-12-20: ProFTPD SIZE Remote Denial of Service Vulnerability
> * 2000-12-19: ProFTPD USER Remote Denial of Service Vulnerability
> * 1999-08-27: ProFTPD Remote Buffer Overflow
> 
> So where do you see "more security problems" with ProFTPD than with
> wu-ftpd?

What do you get when you try to grep for openftpd (ported to Linux as
ftpd-BSD)? 

Mate
---
Mate Wierdl | Dept. of Math. Sciences | University of Memphis  



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]