Re: Wu-ftpd FTP server contains remotely exploitable off-by-one bug

From: Mike Tancsa (mike_at_sentex.net)
Date: 07/31/03

  • Next message: Robert Watson: "Re: Wu-ftpd FTP server contains remotely exploitable off-by-one bug"
    Date: Thu, 31 Jul 2003 14:52:56 -0400
    To: <polytarp@cyberspace.org>
    
    

    At 02:40 PM 31/07/2003 -0400, polytarp@cyberspace.org wrote:

    >Buffer overflows which work on Linux do not work on FreeBSD.

    You need to qualify that statement. Yes, there are some that will not be
    relevant and the exact same exploit code will not work. But "Buffer
    overflows which work on Linux do not work on FreeBSD" is dangerously
    misleading.... In the case of wu-ftpd there have been several issues in the
    past that affected both FreeBSD and Linux. Same bug, different exploit
    code, both vulnerable. That being said, I havent had a chance to review
    this one so I dont know.

             ---Mike

    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"


  • Next message: Robert Watson: "Re: Wu-ftpd FTP server contains remotely exploitable off-by-one bug"

    Relevant Pages

    • Re: Updating NTP on FreeBSD 8.x
      ... At least on Windows and Linux I now know how to compile the latest ... And on FreeBSD you'd do it the exact same way as you do on GNU/Linux, ...
      (comp.protocols.time.ntp)
    • Re: Wu-ftpd FTP server contains remotely exploitable off-by-one bug
      ... >>Buffer overflows which work on Linux do not work on FreeBSD. ... > You need to qualify that statement. ... OPERATING SYSTEM -- can make buffer overflows not work. ...
      (FreeBSD-Security)
    • Re: FreeBSD 4.x Opteron Question
      ... the FreeBSD developers told everyone that 5.3 was da ... initially over linux not because there's a bunch of good guys on the ... My tests measure kernel performance; ... > a networking device is a key performance indicator. ...
      (freebsd-questions)
    • Re: FreeBSD has serious problems with focus, longevity, and lifecycle
      ... my freeBSD days seem to be coming to an end. ... freeBSD will be support this GPU in R9... ... i really like freeBSD's robustness, especially compared to linux, among ... tight, we run CentOS, which is essentially a repackaged version of RHEL. ...
      (freebsd-hackers)
    • Re: flowtable usable or not
      ... How long did they raped Linux to get it that way looking? ... well, right or wrong, that is then issue for whom likes to compile, we ... the user domain of FreeBSD is shrinking. ... almost composed of developers or insiders or programmers or lovers, ...
      (freebsd-stable)