Re: Q: Impact of globbing vulnerability in ftpd

From: Dag-Erling Smorgrav (des@ofug.org)
Date: 04/23/01


To: Victor Sudakov <sudakov@sibptus.tomsk.ru>
From: Dag-Erling Smorgrav <des@ofug.org>
Date: 23 Apr 2001 12:16:44 +0200

Victor Sudakov <sudakov@sibptus.tomsk.ru> writes:
> I do not quite understand the impact of the globbing vulnerability.

There was an exploitable buffer overflow in the globbing code.

> As far as I understand, it can be exploited only after a user has
> logged in, so ftpd is already chrooted

Not necessarily.

> and running with the uid of
> the user at the moment. What serious trouble can an attacker
> cause under these conditions?

Run arbitrary code on the target machine, which may perform operations
(such as creating new directories to store warez) which the FTP server
normally doesn't allow the user to perform, or even exploit a local
root compromise.

DES

-- 
Dag-Erling Smorgrav - des@ofug.org