On Wed, 15 Aug 2001 23:48:19 -0300 (SPO) , Barnaby Gray <bgrg2at_private> (Barnaby Gray) wrote: >You're right, after attempted again I managed to get it to login to my >FTP server, but ftp was not the best protocol to try it on considering >the way data back from the server is sent, which there's no way of >fiddling. I believe using this attack it may be possible to remotely open a netfilter (iptables) based firewall, if kernel < 2.4.5, using another bug shown in Red Hat Advisory RHSA-2001:052-02 / Issue date: 2001-04-19. That is, according to the advisory: 'A vulnerability in iptables "RELATED" connection tracking has been discovered. When using iptables to allow FTP "RELATED" connections through the firewall, carefully constructed PORT commands can open arbitrary holes in the firewall.' []'s Gustavo Molina Network Administrator - Sao Paulo - Brazil
This archive was generated by hypermail 2b30 : Wed Aug 15 2001 - 22:24:23 PDT