In case anyone out there does not yet know, DO NOT INSTALL THE DEFAULT FTP SERVER IN LINUX! Wu-FTPd has been the IIS of the Linux world with no less 13 vulnerabilities in the last two years. If you do use Wu-FTPd then turn off anonymous access. The report mentioned that exploit is thought to be in underground community already, but I can verify that it is definitely out there and has been for at least 6 weeks. This is a huge hole and WILL be exploited if you leave it open.
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:35:55 PDT