oss-security January 2011 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: Re: [oss-security] CVE request: proftpd before 1.3

Re: [oss-security] CVE request: proftpd before 1.3.3d

From: TJ Saunders <tj_at_nospam>
Date: Fri Jan 14 2011 - 21:50:02 GMT
To: oss-security@lists.openwall.com

> I could have swore this flaw got an ID, but I can't find it.

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4221

Was the one assigned for the Telnet IAC issue:

  http://bugs.proftpd.org/show_bug.cgi?id=3521

The issue from the Phrack article did not have a CVE assigned, to my
knowledge; it was related to code in ProFTPD's mod_sql module:

  http://bugs.proftpd.org/show_bug.cgi?id=3536

Cheers,
TJ

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

   He who has never hoped can never despair.

           -George Bernard Shaw

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~