Technology news and Jobs arrow TAG
Rumpus over FTP flaws E-mail
by Stephen Withers   
Saturday, 20 January 2007
The latest Month of Apple Bugs disclosure mentions multiple vulnerabilities in Rumpus, an FTP server for Macintosh.

To quote from the disclosure, "rumpusd is vulnerable to different remotely exploitable heap-based buffer overflows, denial of service conditions and local privilege escalation issues. Due to the fact that Rumpus works under root privileges, successful exploitation by unprivileged users would allow a full compromise of the system."

Some of these are said to be remotely exploitable, others only locally - though they can be exploited by non-admin users.

The suggested workaround is to limit access to Rumpus from remote hosts, but "There's no workaround for some of the local privilege escalation issues".

Alternative FTP servers for Mac OS X include CrushFTP and PureFTPd Manager).{moscomment}

Please enable JavaScript in your browser to post your comment!

Tags See All Tags


Apple  Macintosh  Malware  Security  Software  Stephen Withers 

Get stories like this delivered daily - FREE - subscribe now
 
< Next story in category   Previous story in the category >
iTWire user statistics Visitors last 30 days
Suscribers		 904,266
13,751
#1 independent technology news advertise here
  •   *  
  • Search
  • AdvSeach
  • Login
  • Events
  • FreeStuff
Subscribe to our free e-newsletter

iTWire and you

Contact , Register , Links , About iTWire , Feedback , Post your jobs , Events , iTWire site map , Start Blogging , MyBlogLog page , Advertise with iTWire