Bugtraq mailing list archives
Buffer overflow in ftpd and locate bug
From: ksv () GW AL LG UA (Sergey V. Kolychev)
Date: Fri, 30 Apr 1999 11:07:20 +0300
Hi. I had problem with locate from findutils-4.1.24.rpm from Redhat-5.1 It segfaults if we have huge directory at incoming ftp which created by exploits for ftpd realpath hole. My ftpd is patched. Those exploits ,i think, should not afraid me, but if updatedb puts to locate database that directory then locate segfaults. ( getline.c 104 row by gdb ) I guess it can be used for running arbitrary commands if root runs locate. I had look to latest Redhat-6.0 findutils-4.1.31.rpm but it still based on findutils-4.1 as well as findutils-4.1.24 and haven't any patches from redhat concerning subject and I am sure it stiil vulnerable. ----------------------Alchevsk Linux User Group----------------------- I don't call, I don't cry , I don't sorry. All will gone like a white appletreeses's smoke... (S.Esenin) http://www.ic.al.lg.ua/~ksv | e-mail: ksv () gw al lg ua PGP key & Geekcode: finger ksv () gw al lg ua
Current thread:
- Re: Shopping Carts exposing CC data Bo Elkjaer (Apr 23)
- javascript hotmail password trap David L. Nicol (Apr 23)
- Re: Shopping Carts exposing CC data Joe (Apr 23)
- Discus advisory. Elaich Of Hhp (Apr 23)
- Re: Discus advisory. Ian R. Justman (Apr 28)
- Re: Discus advisory. Elaich Of Hhp (Apr 29)
- X-based sniffer-netxmon Zhang Qianli (Apr 29)
- Re: X-based sniffer-netxmon route () RESENTMENT INFONEXUS COM (Apr 29)
- Re: X-based sniffer-netxmon Zhang Qianli (Apr 29)
- Buffer overflow in ftpd and locate bug Sergey V. Kolychev (Apr 30)
- Re: X-based sniffer-netxmon Corey Lindsly (Apr 29)
- Re: Discus advisory. Ian R. Justman (Apr 28)
- <Possible follow-ups>
- Re: Shopping Carts exposing CC data hevnsnt (Apr 23)
- Re: Shopping Carts exposing CC data Bo Elkjaer (Apr 25)
- Re: Shopping Carts exposing CC data Bo Elkjaer (Apr 27)