what version of ftpd?

I use portaudit check installed ports for vulnerabilities, but a recent external vuln scan alerted on ftpd. It could be a false positive, but I need to check. Is there a tool for checking the security status of the base install, or a way to get the version / revision of something like ftpd?

The CVEs named are very old - 2001, but I need to make sure.
 
SirDice said:
What version of Freebsd are you running and which CVEs is it complaining about?

Also note that portaudit only checks installed ports, not the base system.

my point exactly... I need something besides portaudit to check the base system.

The vuln scan is alerting on this http://security.freebsd.org/advisories/FreeBSD-SA-01:33.ftpd-glob.asc

which seems really odd - I'm on FreeBSD 7.0-RELEASE-p11

should be fairly safe to chalk it up as a false positive
 
It's safe to assume that if your system is at a higher version than the ones printed in 'Affects:' the vulnerability no longer exists.
 
Back
Top