Re: Multiple Local Vulnerabilities in some FTP Client. Who can exploit it by remote?

From: SpaceWalker (spacewalkerat_private)
Date: Mon May 06 2002 - 09:57:13 PDT


    This is typically a bad idea to leave any locally exploitable programs, even if they are only exploitable by a client (who has legitimate access).
    But I don't know if it's like this under win32, but under any Unix it's very hard to block command execution if you leave the possibility to run any program on the fs (who tried to remove /bin/sh?)
    
    The real problem is in the vulnerabilities that let you exec something on the computer: Unicode problems should not exist.
    
    SpaceWalker
    
    On Mon, 6 May 2002 12:47:42 +1200
    "Brett Moore" <brettat_private> wrote:
    
    > But they forgot FTP.exe so we bof the ftp client and inject and run any code
    > we like therefore bypassing the 'protection' given by removing cmd.exe
    > 
    > Brett
    


