2004-09-13: ftpd root escalation

A number of problems in ftpd may be used to get root access from an ftp session. Przemyslaw Frasunek has written a technical description (detailing tnftpd, but the principle is the same).

0.6.3 fixes this problem.

The only workaround for this bug is to disable ftpd.

See also CAN-2004-0794, Gentoo bug 61412

Valid XHTML 1.0!