Re: lame ms-ftp large file creation bug
From: Dave Korn (davek_throwaway_at_hotmail.com)
Date: 11/12/03
- Previous message: Dave Korn: "Re: Re[2]: ms03-043 questions"
- Maybe in reply to: wirepair: "lame ms-ftp large file creation bug"
- Next in thread: exon: "Re: lame ms-ftp large file creation bug"
- Reply: exon: "Re: lame ms-ftp large file creation bug"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: vuln-dev@securityfocus.com Date: Wed, 12 Nov 2003 10:58:20 +0000
----- Original Message -----
From: "wirepair" <wirepair@roguemail.net>
To: <vuln-dev@securityfocus.com>
Sent: Sunday, November 09, 2003 12:45 AM
Subject: lame ms-ftp large file creation bug
>lo all,
>bug or feature:
Defined feature of the FTP protocol, and should in no way be unique to MS.
Do you understand what REST does? It tells the server that you're sending
*part* of a file, starting from your chosen position within the file. In
this case you tell it that you're sending part of an enormous file, starting
from the 99999999999999999th byte. When it starts to receive the data you
send, it tries to create a file that size and start appending the data at
that position. Ok, somewhere along the line, the value gets incorrectly
limited to 2gig (signed int maths), but basically the ftp server is doing
exactly what you were crazy enough to ask it to!
DaveK
_________________________________________________________________
It's fast, it's easy and it's free. Get MSN Messenger today!
http://www.msn.co.uk/messenger
- Previous message: Dave Korn: "Re: Re[2]: ms03-043 questions"
- Maybe in reply to: wirepair: "lame ms-ftp large file creation bug"
- Next in thread: exon: "Re: lame ms-ftp large file creation bug"
- Reply: exon: "Re: lame ms-ftp large file creation bug"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
