Vulnonym.org

CVE-1999-1298 - Tauriform Surround

Description

Sysinstall in FreeBSD 2.2.1 and earlier when configuring anonymous FTP creates the ftp user without a password and with /bin/date as the shell which could allow attackers to gain access to certain system resources.

Reference

ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/old/FreeBSD-SA-97:03.sysinstall.asc http://www.iss.net/security_center/static/7537.php http://www.osvdb.org/6087