[NMLUG] Oops! Linux Bug Escapes Early

Matt Grommes nmlug@swcp.com
Fri, 30 Nov 2001 09:45:49 -0700


If you're still using wuftpd on a production box you should stop. Now. 
It's had more remote exploits than any other ftpd I've ever seen. 
proftpd is a good one and there are many others. I'm not even sure why 
wuftpd is still used by the major distros, AFAIK it doesn't offer 
anything special.

Also, I don't know how I feel about these "coordinated releases". To me, 
it just gives crackers more time to exploit the holes. It's a little too 
close to Microsoft's new plan to hide security info for 30 days (!) to 
give them a chance to do spin control and patch the hole. The idea that 
a hole hasn't been discovered until a vendor releases a patch is 
laughable. _Many_ security holes and exploit tools float around the 
underground community for a long time (years in some cases) before being 
discovered and patched by the vendors or white hat security people. Not 
to say that totally underground exploits are as widely used as public 
ones but keeping a patch in hiding doesn't allow me to patch my systems 
and is as useful as closed source software, which is to say not very. 
Like I say, I'm not 100% sure about how I feel about this yet so if 
somebody has some persuasive arguments for coordinated releases I'd like 
to hear them. (and yes, I'm trying to generate some discussion, the list 
has been somewhat quiet recently :) )


Eric Krieger wrote:

> danger, danger will robinson! red hat fans take notice.
> 
> http://securityfocus.com/news/293
> 
> eric
> 
> 
> ------------------------------------------------------
> To UNSUBSCRIBE send a message to nmlug-request@swcp.com
> with only the word unsubscribe in the body.  More
> information can be found at www.nmlug.org/info.html
> -----------------------------------------------------


-- 

			--   Matt Grommes   --
"All these worlds are belong to you, except Europa. Take off no zigs there."
