Re: lame ms-ftp large file creation bug

From: Dave Korn (davek_throwaway_at_hotmail.com)
Date: 11/12/03

  • Next message: Ben Greenberg: "New mac-10.3 vulnerable to a fork bomb"
    To: vuln-dev@securityfocus.com
    Date: Wed, 12 Nov 2003 10:58:20 +0000
    
    

    ----- Original Message -----
    From: "wirepair" <wirepair@roguemail.net>
    To: <vuln-dev@securityfocus.com>
    Sent: Sunday, November 09, 2003 12:45 AM
    Subject: lame ms-ftp large file creation bug

    >lo all,
    >bug or feature:

      Defined feature of the FTP protocol, and should in no way be unique to MS.
      Do you understand what REST does? It tells the server that you're sending
    *part* of a file, starting from your chosen position within the file. In
    this case you tell it that you're sending part of an enormous file, starting
    from the 99999999999999999th byte. When it starts to receive the data you
    send, it tries to create a file that size and start appending the data at
    that position. Ok, somewhere along the line, the value gets incorrectly
    limited to 2gig (signed int maths), but basically the ftp server is doing
    exactly what you were crazy enough to ask it to!

          DaveK

    _________________________________________________________________
    It's fast, it's easy and it's free. Get MSN Messenger today!
    http://www.msn.co.uk/messenger


  • Next message: Ben Greenberg: "New mac-10.3 vulnerable to a fork bomb"