HEADS UP - Security flaw in libc glob code
Matthias Schmidt
matthias at dragonflybsd.org
Thu Oct 7 04:41:56 PDT 2010
Hi,
there is a security flaw in the glob(3) code of libc:
http://www.h-online.com/open/news/item/Flaw-in-libc-implementation-threatens-FTP-servers-1103319.html
Original and NetBSD advisory:
http://securityreason.com/securityalert/7822
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-008.txt.asc
This affects all BSDs including DragonFly, so disable your (s)ftpd until
the problem is fixed.
Cheers
Matthias
More information about the Users
mailing list