Bug 13280 – Security Exposure in Kerberos version of FTPD

Bug 13280 - Security Exposure in Kerberos version of FTPD

Summary:	Security Exposure in Kerberos version of FTPD

Status:	CLOSED ERRATA

Aliases:	None

Product:	Red Hat Linux
Classification:	Retired
Component:	krb5 (Show other bugs)
Sub Component:
Version:	6.2
Hardware:	i386 Linux

Priority	high Severity medium
Target Milestone:	---
Target Release:	---
Assigned To:	Nalin Dahyabhai
QA Contact:
Docs Contact:

URL:
Whiteboard:
Keywords:	Security

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2000-06-30 14:03 EDT by poohsticks
Modified:	2008-05-01 11:37 EDT (History)
CC List:	0 users

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2000-07-06 21:54:59 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description poohsticks 2000-06-30 14:03:57 EDT

The same problem with mkdir as was reportedly just fixed in wu-ftp exists 
with the Kerberos versions of FTPD as shipped in krb5-workstation-1.1.1-16

Comment 1 Nalin Dahyabhai 2000-06-30 18:21:58 EDT

Did krb5-workstation-1.1.1-21 not fix this?

Comment 2 poohsticks 2000-07-06 21:54:59 EDT

Yes, krb5-workstation-1.1.1-21 did fix it. It embarassing but also disapointing, that up2date had crapped out several times in succession so we didn't 
realise that we were missing updates even though we'd run it. 1.1.1-21 was applied by hand and all is well. Thanks

Note You need to log in before you can comment on or make changes to this bug.