5000 – Security holes not completely fixed in 1.2.0pre3 patches

Bug 5000 - Security holes not completely fixed in 1.2.0pre3 patches

Summary: Security holes not completely fixed in 1.2.0pre3 patches

Keywords:
Status:	CLOSED DUPLICATE of bug 5047
Alias:	None
Product:	Red Hat Powertools
Classification:	Retired
Component:	proftpd
Sub Component:
Version:	6.0
Hardware:	i386
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Tim Powers
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	1999-09-08 22:05 UTC by Mike McHenry
Modified:	2008-05-01 15:37 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	1999-09-20 20:43:49 UTC

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Mike McHenry 1999-09-08 22:05:31 UTC

According to the proftpd development list the overflow
problems in 1.2.0pre3 and 4 were not properly fixed. The
updated version of Redhat 1.2.0pre3-6 is still vulnerable
as far as I can tell.

ftp://ftp.tos.net/pub/proftpd is the new location of
proftpd, the old ftp.proftpd.org is no longer being
maintained it appears. 1.2.0pre5 fixes all known buffer
overflow vulnerabilities.

Comment 1 Tim Powers 1999-09-20 20:43:59 UTC

*** This bug has been marked as a duplicate of 5047 ***

Note You need to log in before you can comment on or make changes to this bug.