| From: | Matthias Schmidt <matthias@xxxxxxxxxxxxxxxx> |
| Date: | Thu, 7 Oct 2010 13:35:59 +0200 |
Hi, there is a security flaw in the glob(3) code of libc: http://www.h-online.com/open/news/item/Flaw-in-libc-implementation-threatens-FTP-servers-1103319.html Original and NetBSD advisory: http://securityreason.com/securityalert/7822 http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-008.txt.asc This affects all BSDs including DragonFly, so disable your (s)ftpd until the problem is fixed. Cheers Matthias