|
7/12 |
2001/7/27 [Computer/SW/Unix] UID:21962 Activity:very high |
7/26 what's the most buggiest linux/freebsd/solaris daemon you can think of? \_ apparently whatever grammar check you used on this motd entry. \_ not exactly a daemon, but linux's tape system. fukn a. \_ linux has a tape system? \_ rpcbind \_ bugd \_ " NFS \_ NFS, seconded. See also: "nlockmgr", "gaping hole", "rpc.statd", "security nightmare", et al \_ No. \_ follow up. Where can i find old versions of bind, wuftpd, rpc.statd. etc? \_ http://ftp.wu-ftpd.org:/pub/wu-ftpd-attic - paolo |
7/12 |
|
ftp.wu-ftpd.org It may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 250 through 262 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including STOR, RETR, APPE, DELE, MKD, RMD, STOU, or RNTO. This patch fixes a possible denial of service attack on systems that allow only one non-connected socket bound to the same local address. |