| ||||||
| 7/14 |
| 2001/7/27 [Computer/SW/Unix] UID:21962 Activity:very high |
7/26 what's the most buggiest linux/freebsd/solaris daemon you can think of?
\_ apparently whatever grammar check you used on this motd entry.
\_ not exactly a daemon, but linux's tape system. fukn a.
\_ linux has a tape system?
\_ rpcbind
\_ bugd
\_ " NFS
\_ NFS, seconded. See also: "nlockmgr", "gaping hole", "rpc.statd",
"security nightmare", et al
\_ No.
\_ follow up. Where can i find old versions of bind, wuftpd,
rpc.statd. etc?
\_ http://ftp.wu-ftpd.org:/pub/wu-ftpd-attic - paolo |
| 7/14 |
|
| ftp.wu-ftpd.org It may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 250 through 262 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including STOR, RETR, APPE, DELE, MKD, RMD, STOU, or RNTO. This patch fixes a possible denial of service attack on systems that allow only one non-connected socket bound to the same local address. |