SuSE Security Announcement - A security hole was discovered in the FTP server in nkitb version less than 2000.7.11-0 contains a remote root vulnerability. The standard ftp server does directly pass untrusted data from a DNS server to the setproctitle() function in a unsecure manner, allowing an attacker to modify his/her DNS record to execute abitrary machine code as root while connecting to the standard ftp daemon.
736fef8cf6af36ad331b57ed0ef2b54ea785d6ef402650a95644b54305ef2a9c