Package: proftpd
Version: 1.2.10-15
Severity: normal

It seems proftpd log file is by default world readable. This may have
security implications.


-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.4.30
Locale: LANG=en_US.ISO-8859-15, LC_CTYPE=fi_FI (charmap=ISO-8859-1)

Versions of packages proftpd depends on:
ii  adduser                     3.63         Add and remove users and groups
ii  debconf                     1.4.30.13    Debian configuration management sy
ii  libc6                       2.3.2.ds1-22 GNU C Library: Shared libraries an
ii  libcap1                     1:1.10-14    support for getting/setting POSIX.
ii  libpam0g                    0.76-22      Pluggable Authentication Modules l
ii  libssl0.9.7                 0.9.7e-3     SSL shared libraries
ii  libwrap0                    7.6.dbs-8    Wietse Venema's TCP wrappers libra
ii  netbase                     4.21         Basic TCP/IP networking system
ii  proftpd-common              1.2.10-15    Versatile, virtual-hosting FTP dae
ii  ucf                         1.17         Update Configuration File: preserv

-- debconf information:
  shared/proftpd/warning:
* shared/proftpd/inetd_or_standalone: standalone


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to