Remote BSD ftpd glob exploit

From: fish stiqz (fishat_private)
Date: Sat Apr 14 2001 - 13:41:43 PDT

Next message: teespy: "Re: multiple vulnerabilities in Alcatel Speed Touch DSL modems"

Previous message: Auriemma Luigi: "Re: Apache Win32 8192 chars string bug: LOG FILES EMPTY"
Next in thread: Przemyslaw Frasunek: "Re: Remote BSD ftpd glob exploit"
Reply: Przemyslaw Frasunek: "Re: Remote BSD ftpd glob exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,

Here is a remote exploit for the glob bug discussed earlier here.
It works on FreeBSD 4.0-RELEASE, and with the right address, should
work on others as well.  It requires a user account in a non-chrooted
environment (normal user account).

If anyone gets this working on other systems, let me know.

Take care, have a good weekend.

- fish stiqz.

--
fish stiqz <fishat_private>
   irc>irl?werd():lame()

text/plain attachment: turkey.c

Next message: teespy: "Re: multiple vulnerabilities in Alcatel Speed Touch DSL modems"
Previous message: Auriemma Luigi: "Re: Apache Win32 8192 chars string bug: LOG FILES EMPTY"
Next in thread: Przemyslaw Frasunek: "Re: Remote BSD ftpd glob exploit"
Reply: Przemyslaw Frasunek: "Re: Remote BSD ftpd glob exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Apr 16 2001 - 00:25:57 PDT