13280 – Security Exposure in Kerberos version of FTPD

Bug 13280 - Security Exposure in Kerberos version of FTPD

Summary: Security Exposure in Kerberos version of FTPD

Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	krb5
Sub Component:
Version:	6.2
Hardware:	i386
OS:	Linux
Priority:	high
Severity:	medium
Target Milestone:	---
Assignee:	Nalin Dahyabhai
QA Contact:
Docs Contact:
URL:
Whiteboard:
Keywords:	Security
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2000-06-30 18:03 UTC by poohsticks
Modified:	2008-05-01 15:37 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:
Doc Text:	(edit)
Clone Of:
Environment:	(edit)
Last Closed:	2000-07-07 01:54:59 UTC

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description poohsticks 2000-06-30 18:03:57 UTC

The same problem with mkdir as was reportedly just fixed in wu-ftp exists 
with the Kerberos versions of FTPD as shipped in krb5-workstation-1.1.1-16

Comment 1 Nalin Dahyabhai 2000-06-30 22:21:58 UTC

Did krb5-workstation-1.1.1-21 not fix this?

Comment 2 poohsticks 2000-07-07 01:54:59 UTC

Yes, krb5-workstation-1.1.1-21 did fix it. It embarassing but also disapointing, that up2date had crapped out several times in succession so we didn't 
realise that we were missing updates even though we'd run it. 1.1.1-21 was applied by hand and all is well. Thanks

Note You need to log in before you can comment on or make changes to this bug.