Source-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: CVS commit: pkgsrc



In article <385cb0d348%Thilo%riscpc.heh.uni-oldenburg.de@localhost>,
        Thilo Manske <Thilo.Manske%HEH.Uni-Oldenburg.DE@localhost> writes:

> Does this fix those buffer overflows as described in CERT Advisory
> CA-99.03?
> http://www.cert.org/advisories/CA-99-03-FTP-Buffer-Overflows.html.

  It does -- or at least it should.  It incorporates the patch
RedHat made to its linux version of wu-ftpd.  However, I just
read a message on bugtraq that some buffer overflow vulnerability
still remains with that fix.

  I just performed a few tests, and yes, it seems like some holes
still remain.  I'll investigate the source code and see whether I
can come up with a fix ...

  Cheers
      ,
   Rene



Home | Main Index | Thread Index | Old Index