Re: EFTP buffer overflow

From: Renaud Deraison (deraisonat_private)
Date: Thu Dec 13 2001 - 06:34:40 PST


    On Thu, Dec 13, 2001 at 03:28:49PM +0100, Michel Arboi wrote:
    > Renaud Deraison <deraisonat_private> writes:
    > 
    > > With this kind of check, I usually prefer when there's a "failsafe"
    > > solution. ie
    > [snip]
    > 
    > I suppose I also should handle the "safe check" option :-\
    
    Yes, but it's the same as not having a login/password/whatever.
    
    Actually, the complete logic should be:

    ---
    if(!safe_checks())
    {
     if(login && password && have_a_writeable_dir)
     {
      if(could_log_in)
      {
       # actually test for the flaw
       exit(0);
      }
     }
    }
    
    #
    # Fail-safe - pattern matching on the banner
    #
    
    banner = get_kb_item(string("ftp/", port, "/banner"));
    if(!banner) ....
    
    do_some_regexp(banner);
    
    
    --- 
    
    This is more fine-grained than in my previous post, as it helps to do
    the test, even if something goes wrong (can't log in any more for some
    reason, or ftp server went down).
    
    
    				-- Renaud
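
Added example, not part of the original post or of the scanner's own code: the same decision flow in Python, extended so that a connection error during login or during the active test also falls through to the banner match. `Target`, its hook fields, `check` and the `ExampleFTPd` banner pattern are assumptions constructed for illustration; the page gives no affected banner or version.

```python
import re
from dataclasses import dataclass
from typing import Callable, Optional, Tuple

# Constructed placeholder pattern: the post does not name the affected versions.
VULN_BANNER = re.compile(r"ExampleFTPd 1\.[0-3]\b")


@dataclass
class Target:
    banner: Optional[str]                  # cached banner (the KB item in the post)
    login: Optional[str] = None
    password: Optional[str] = None
    writable_dir: Optional[str] = None
    # Hypothetical hooks standing in for the real login and the real test.
    try_login: Callable[[], bool] = lambda: False
    active_test: Callable[[], bool] = lambda: False


def check(t: Target, safe_checks: bool) -> Tuple[str, bool]:
    """Return (method, vulnerable); method is 'active', 'banner' or 'none'."""
    # Active path: only when safe checks are off and every prerequisite exists.
    if not safe_checks and t.login and t.password and t.writable_dir:
        try:
            if t.try_login():
                # Logged in: the active result is authoritative, stop here.
                return ("active", t.active_test())
        except OSError:
            # Server went down or reset the connection: fall through.
            pass

    # Fail-safe: pattern matching on the banner collected earlier.
    if not t.banner:
        return ("none", False)
    return ("banner", bool(VULN_BANNER.search(t.banner)))


if __name__ == "__main__":
    def server_down() -> bool:
        raise ConnectionRefusedError("constructed failure")

    banner = "220 ExampleFTPd 1.2 ready"   # constructed sample banner
    creds = dict(login="u", password="p", writable_dir="/incoming")
    print(check(Target(banner, **creds, try_login=lambda: True,
                       active_test=lambda: True), safe_checks=False))
    print(check(Target(banner, **creds, try_login=server_down), safe_checks=False))
    print(check(Target(banner), safe_checks=True))
```
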
    



    This archive was generated by hypermail 2b30 : Thu Dec 13 2001 - 06:37:10 PST