Jeff Lasman wrote: >[EMAIL PROTECTED] wrote: > >>>ProFTPD have release a bug fix version, but I haven't tried applying it to >>>the RaQs yet. I'm hoping Cobalt will be QUICK with this one and get a >>>package out ASAP. >>> >>How can Cobalt be quick if there's no exploit yet? >> > >Thom, under many conditions, there can be a fix before there's an >exploit. You can spot a vulnerability and patch it before there's an >exploit. > >Jeff > Jeff, this is true, however if there was an exploitable buffer overrunn code similar to wuftpd versions it would not effect the Raqs anyway since they come with stack execution disabled, which protects it from exploit code overruns/overflows, thus eliminating the need to scramble to patch the Raqs.
_______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
