On Wed, 11 Sep 2002, Ver Allan Sumabat wrote: > we used linux 2.4.7-10. we only opened ports 21 (ftp), > 22 (ssh), and 443 (https). > > 21 - wu-ftpd-2.6.1-20 > 22 - openssh-3.1 take your pick, both of these have remote root exploits. Both were widely reported. A simple google search would have told you that. wu-ftpd (why does anyone run this piece of crap, is it possible that they will have a remote root exploit for EVERY release?) The current release is 2.6.2 ftp://ftp.wu-ftpd.org/pub/wu-ftpd-attic/cert.org/CA-2001-33 May I suggest NcFTPD? OpenSSH-3.1 http://online.securityfocus.com/bid/5093 Could I make a suggestion? Stay current on patches. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Thu Sep 12 2002 - 23:03:15 PDT