Hi ppl, I've been browsing through the ftpd code and the overflow is really there. But as soon as I made some tests, (using CWD function), the vulnerable buffer seems to be out of stack space, which turns to be impossible to reach the return address. I'm not that sure about that because I was warned about that bug from a friend of mine, but if it's really true, this problem will not mean anything as a security matters (BeroFTPD and WUftpd are running from inetd so it wont be a dos). stanley programmer
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:59:07 PDT