| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <F629DD152EA9674CAB166BCFA8BDBE0BA9B9@matrix.local> Date: Thu, 26 Feb 2004 20:12:28 +0100 From: "Peter Buijsman" <peter@...te.net> To: <bugtraq@...urityfocus.com> Subject: RE: Serv-U "MDTM" buffer overflow PoC DoS exploit > Here it is, test your systems, temporarily disable Serv-U, > and wait for the vendor to release a patch. Serv-U has released a security patch yesterday. An e-mail has been send out to registered users. It fixes the MDTM problem and some other small bugs. "Serv-U 5.0.0.4 has been released. This is a point-release of 5.0 that fixes a number of bugs. We highly recommend upgrading to 5.0.0.4, in particular for the following reasons: * A bug in SQL statements used by ODBC domains has been fixed. * Added automatic connection retry in case ODBC connectivity failure. * A bug causing Secure-FTP transfers to fail has been fixed. * A bug in the MDTM command that could cause server crashes has been fixed. You can download 5.0.0.4 from the following location: http://www.Serv-U.com/dn.asp Running the setup program should upgrade your existing installation of Serv-U. We don't expect any problems, but to be on the safe side please make a backup of your Serv-U directory prior to installing the new release." Thanks, Peter
Powered by blists - more mailing lists