Thom,
> > Basically, you need to add the follwing filter to your /etc/proftpd.conf
> > file with the <Global></Global> directive:
> >
> > DenyFilter \*.*/
>
> Where in the .conf is that inserted???
> Before
>
> # Restore file permissions capability to site administrator ???
I've done it so it's in the section following that line:
# Restore file permissions capability to site administrator
<Global>
AllowChmod on
DenyFilter \*.*/
</Global>
>From the information on BugTraq it looks like this isn't actually a bug in
the FTP server as such (it affects many FTP servers) but more to do with the
actual shell that it runs in. You can use the DoS within TELNET/SSH using
"ls" from the shell prompt too, so you should be VERY careful about giving
away shell access to users.
Regards,
Jonathan Michaelson
_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security
