19 Jan
2000
19 Jan
'00
4:52 a.m.
In article <B4AA96F1.889F%petrilli@digicool.com>, Christopher Petrilli <petrilli@digicool.com> wrote:
The server runs only Zope 2.1, a recent version of sendmail, ftp, and an amanda client over SSH. Everything else was disabled.
Sendmail, that illustrious security hole in the making :-) Depending on what FTP server you're running there are potentially dozens of holes. Also how you're restricting Amanda could matter...
Also, see recent ssh advisories (eg http://www.cert.org/advisories/CA-99-15-RSAREF2.html).