At 1:50 PM +0100 11/12/06, Matus UHLAR - fantomas wrote:
>both cases does mention "unspecified error". That imho means, someone has to
>buy that 'VulnDisco' SW to find out what that is to know how to fix it.
>
>It's like "If you buy my software, you will be able to find out that
>ProFTPD-1.3.0 is vulnerable".


That may be the case, or they ma have told the ProFTPD developers
about the vulnerability before they published it.

Regardless, given that this is a remote-execution vulnerability, it
is important that this gets fixed immediately.

--Paul Hoffman

-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=...057&dat=121642
_______________________________________________
ProFTPD Users List
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html