On Thu, 29 Nov 2001, Dave Newbold wrote:
> I think we are reliant on wuftpd for our (in production) GDMP 1.1.3
> setup. Hopefully, we will switch to GDMP 2.0 in the next few days.
Would it be worth mentioning that:
If anonymous FTP is not enabled, valid user credentials are required
to exploit this vulnerability.
[...]
To exploit this vulnerability, an attacker must have either
valid credentials required to log in as an FTP user, or anonymous
access must be enabled.
regards
|