Subject: Re: CVS commit: pkgsrc
To: None <Thilo.Manske@HEH.Uni-Oldenburg.DE>
From: Rene Hexel <email@example.com>
Date: 02/14/1999 09:44:41
In article <385cb0d348%Thilo@riscpc.heh.uni-oldenburg.de>,
Thilo Manske <Thilo.Manske@HEH.Uni-Oldenburg.DE> writes:
> Does this fix those buffer overflows as described in CERT Advisory
It does -- or at least it should. It incorporates the patch
RedHat made to its linux version of wu-ftpd. However, I just
read a message on bugtraq that some buffer overflow vulnerability
still remains with that fix.
I just performed a few tests, and yes, it seems like some holes
still remain. I'll investigate the source code and see whether I
can come up with a fix ...