Slackware security update to proftpd
Posted Sep 24, 2003 21:58 UTC (Wed) by dwalters
Parent article: Slackware security update to proftpd
Can one assume that for an attacker to be able to download a "suitably crafted file", they must have been able to upload it to the server first?
I'd be interested to know if this is remotely exploitable on a system that has FTP uploads completely disabled, and is not accessible by any other means except via SSH (recently patched) by a trusted person (me).
to post comments)