[vox-tech] proftpd

[Rick Moen]

Forgot to mention:

Quoting Brian Lavender (brian@brie.com):

> I use wu-ftp.

Better you than me.  The codebase is riddled with buffer overflows still
waiting to happen.  I wouldn't touch it _or_ proftpd on a bet.

> Your system could still be vulnerable even with ssh. dsniff, ssl
> exploits...

Your system could be vulnerable even if you eliminate all remote
exploits and basically do everything right:

http://linuxmafia.com/~rick/linux-info/breakin-without-remote-vulnerability

-- 
Cheers,        "Where I come from, there's nothing in the 'middle of the road'
Rick Moen       but a yellow line and dead armadillos."
rick@linuxmafia.com        -- Jim Hightower, Texas Commissioner of Agriculture