From owner-doc-jp@jp.freebsd.org  Tue Jul 11 17:45:24 2000
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id RAA91004;
	Tue, 11 Jul 2000 17:45:24 +0900 (JST)
	(envelope-from owner-doc-jp@jp.FreeBSD.org)
Received: from TYO202.gate.nec.co.jp (TYO202.gate.nec.co.jp [202.247.6.41])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id RAA90990
	for <doc-jp@jp.freebsd.org>; Tue, 11 Jul 2000 17:45:24 +0900 (JST)
	(envelope-from y-koga@jp.FreeBSD.org)
Received: from mailsv4.nec.co.jp (mailsv4-le1 [192.168.1.93])
	by TYO202.gate.nec.co.jp (8.9.3/3.7W00052210) with ESMTP id RAA14354
	for <doc-jp@jp.freebsd.org>; Tue, 11 Jul 2000 17:45:23 +0900 (JST)
Received: from mmssv.mms.mt.nec.co.jp (mmssv.mms.mt.nec.co.jp [133.201.63.216]) by mailsv4.nec.co.jp (8.9.3/3.7W-MAILSV4-NEC) with ESMTP
	id RAA27894 for <doc-jp@jp.freebsd.org>; Tue, 11 Jul 2000 17:45:22 +0900 (JST)
Received: from koga.do.mms.mt.nec.co.jp (koga.do.mms.mt.nec.co.jp [10.16.5.16]) by mmssv.mms.mt.nec.co.jp (8.8.4+2.7Wbeta4/3.4W3MMS96052011) with ESMTP id RAA27055 for <doc-jp@jp.freebsd.org>; Tue, 11 Jul 2000 17:39:17 +0900 (JST)
Received: from localhost (localhost [127.0.0.1])
	by koga.do.mms.mt.nec.co.jp (8.10.2/3.7W-00052406) with ESMTP id e6B8jLR03063;
	Tue, 11 Jul 2000 17:45:21 +0900 (JST)
Message-Id: <200007110845.e6B8jLR03063@koga.do.mms.mt.nec.co.jp>
To: doc-jp@jp.freebsd.org
In-Reply-To: <200007101254.VAA02591@sta.att.ne.jp>
References: <200007091908.EAA06099@mail.geocities.co.jp>
	<200007100346.e6A3k1n02013@koga.do.mms.mt.nec.co.jp>
	<200007101254.VAA02591@sta.att.ne.jp>
	<Pine.BSF.4.21.0007110117360.91189-100000@freefall.freebsd.org>
X-Mailer: Mew version 1.94.2 on Emacs 19.34 / Mule 2.3 (SUETSUMUHANA)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Date: Tue, 11 Jul 2000 17:45:20 +0900 (JST)
From: Koga Youichirou <y-koga@jp.freebsd.org>
X-Dispatcher: imput version 20000228(IM140)
Lines: 29
Reply-To: doc-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+000315
X-Sequence: doc-jp 7526
Subject: [doc-jp 7526] Re: ANNOUNCE: FreeBSD Ports Security Advisory:
 FreeBSD-SA-00:29.wu-ftpd
Errors-To: owner-doc-jp@jp.freebsd.org
Sender: owner-doc-jp@jp.freebsd.org
X-Originator: y-koga@jp.freebsd.org

"Iwakuni, Tomohiko" <iwac@sta.att.ne.jp>:
> $B!!$"$HLuCm$r$$$l$^$7$?!#(B

revised $B$,N.$l$k$h$&$J5$$,$9$k$N$G!"(Bannounce-jp $B$KEj$2$k$N$O>/$7BT$C$?(B
$BJ}$,$$$$$+$b$G$9!#(B

Kris Kennaway <kris@FreeBSD.org>:
> On Mon, 10 Jul 2000, Koga Youichirou wrote:
> 
> > > Remote anonymous FTP users can cause arbitrary commands to be executed
> > > as root on the local machine.
> > 
> > I think this vulnerability allows not only anonymous FTP users
> > but all authorized users through USER/PASS (incl. anonymous FTP users)
> > to gain root access.
> 
> Yes, that is true. My intention was that one doesn't have to have a valid
> account in order to exploit the vulnerability, but you're correct that
> it's unclear. I'll reissue.
> 
> Kris
> 
> --
> In God we Trust -- all others must submit an X.509 certificate.
>     -- Charles Forsythe <forsythe@alum.mit.edu>
> 

----
$B$3$,$h$&$$$A$m$&(B
