March 23, 2001

Security update to in.ftpd and timed

Author: JT Smith

From LWN.net
: Two parts of the nkitb/nkitserv package are vulnerable to security related
bugs.
in.ftpd(8):
A one-byte bufferoverflow was discovered in the OpenBSD port of the
FTP daemon in.ftpd(8) several weeks ago.
This bug could just be triggered by authenticated users, which have write
access. This bug is believed to not be exploitable under Linux. However,
we prefer to provide a fixed update package to make sure that the daemon
is on the safe side.
in.ftpd(8) will be invoked by inetd(8) and is activated by default.

Category:

  • Linux
Click Here!