anyone hear about any security fixes for ftpds that were found a few weeks ago ? haven't seen any news on security.debian.org.
seems the ftp bugs are much more serious then the ntp bugs :) (e.g. 100x more people running ftpds then ntpds ..) last time i tried to exploit it on my desktop system memory was comsumed at about 15MB per second. the bug im referrin to is when u login to a ftpd (wuftpd excluded it wasn't affected) and do this: ls */../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../* you can pretty much kill the system. proftpd has a workaround and also a patch, but my systems are running the openbsd ftpd ..which traditionally has seemed to be mroe secure then proftpd or wuftpd but it was also affected. haven't noticed other updates from other linux vendors so im curious ..... thanks for any info .. nate
