The 'Security Digest' Archives (TM)

Archive: About | Browse | Search | Contributions | Feedback
Site: Help | Index | Search | Contact | Notices | Changes

ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #395 [ftp bug] (1 message, 378 bytes)
SOURCE: http://securitydigest.org/exec/display?f=phage/archive/395.txt&t=text/plain
NOTICE: securitydigest.org recognises the rights of all third-party works.

START OF DOCUMENT

From: smb@research.att.com
To: phage
Date: Fri 20:34:37 04/11/1988 EST
Subject: ftp bug
References: [Thread Prev: 046] [Thread Next: 397] [Message Prev: 394] [Message Next: 046]

Lest we forget, let me remind people that the anonymous ftp bug is in
fact far more serious, albeit less sexy.  That one gives direct root
access to any machine running anonymous ftp; the only prevention, short
of fixing the source, is to remove the 'ftp' login.  Removing the
directory it uses will not help.

END OF DOCUMENT