There isn't a patch released yet. It will be released December 3rd. Move to ProFTPD. * Nate Carlson <natecars at real-time.com> [011120 11:24]: > For those of you who are silly enough to use WU-FTPD... patch it, now. > Don't know what the vulnerability is, but hey.. > > -- > Nate Carlson <natecars at real-time.com> | Phone : (952)943-8700 > http://www.real-time.com | Fax : (952)943-8500 > > > ---------- Forwarded message ---------- > Date: Mon, 19 Nov 2001 12:49:47 -0700 (MST) > From: Vulnerability Help <vulnhelp at securityfocus.com> > To: "bugtraq at securityfocus.com" <bugtraq at securityfocus.com> > Subject: Vendors For WU-FTPD Please Read > > > > Heya all, > > The SecurityFocus Vulnerability Help Team is in the process of notifying > vendors of a remotely exploitable problem in WU-FTPD . Rather than miss > any vendors we are asking vendors which read Bugtraq and ship WU-FTPD > either as a default package or a ports package to please mail us your > relevant security contact information (with a PGP key please). The WU-FTPD > has been notified already. > > Cheers, > > SecurityFocus > Vulnerability Help Team > > > > _______________________________________________ > Twin Cities Linux Users Group Mailing List - Minneapolis/St. Paul, Minnesota > http://www.mn-linux.org > tclug-list at mn-linux.org > https://mailman.mn-linux.org/mailman/listinfo/tclug-list -- Scott Dier <dieman at ringworld.org> <sdier at debian.org> http://www.ringworld.org/ #linuxos at irc.openprojects.net So I ran up to him, and the exchange went something like this: Me: Oh my god! You're Larry Niven! Him: Oh my god! You're Wil Wheaton! -Wil Wheaton, in a Slashdot interview