Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Pure-ftpd bologna vuln

Discussion in 'General Discussion' started by lbccserv, Aug 8, 2005.

  1. lbccserv

    lbccserv Active Member

    Joined:
    Mar 23, 2004
    Messages:
    38
    Likes Received:
    0
    Trophy Points:
    156
    Don't bother switching. I won't say much, but unless you run mod-sql, don't worry.
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,460
    Likes Received:
    21
    Trophy Points:
    463
    Location:
    Go on, have a guess
    You're going to have to explain yourself some more if you want your post to be intelligible and for anyone to give credence to whatever you are posting about :)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. lbccserv

    lbccserv Active Member

    Joined:
    Mar 23, 2004
    Messages:
    38
    Likes Received:
    0
    Trophy Points:
    156
    Well, I can't say too too much about it. Let's just say that I am a senior member of http://neworder.box.sk. My clients include such people as the guy who generated the entire LMhash database, which cracks any LM encrypted password in a split second, one who found the most recent 'remote command execution' hole in phpbb, as well as those whos only job is to write windows exploits :) I can't talk about the specifics as I was asked not to, but as long as you don't run proftpd with anything related to sql stored usernames, don't worry :)
     
  4. pamos

    pamos Member

    Joined:
    Aug 11, 2005
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    151
    Dont bother to post here to if u cant talk about it ;)
    U help us, then we will help other, thats y we must help each others

    Regards
     
  5. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,460
    Likes Received:
    21
    Trophy Points:
    463
    Location:
    Go on, have a guess
    Now I'm confused. In your thread title you're talking about pure-ftpd and in your post you're talking about proftpd. Which one is it that apparently has this vulnerability? Also, which specific versions? Do you have a CERT or other advisory link?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. lbccserv

    lbccserv Active Member

    Joined:
    Mar 23, 2004
    Messages:
    38
    Likes Received:
    0
    Trophy Points:
    156
    Sorry, I was talking about the bogus 'proftpd' vuln. No, there is no CERT/packetstorm link, but I'd be glad to have a conversation with someone in PM regarding it.
     
  7. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,460
    Likes Received:
    21
    Trophy Points:
    463
    Location:
    Go on, have a guess
    So how do you know that the issue that cPanel has found relates to MySQL use? I would suggest that you have this discussion with cPanel through security@cpanel.net
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice