Bugtraq mailing list archives
Re: Buffer overflow in ftpd and locate bug
From: tgo () NEARZ ORG ([tgo])
Date: Fri, 30 Apr 1999 22:25:14 -0300
On 23 February I sent to bugtraq a comment about this problem (ignored by aleph1? hehe :)
http://www.nearz.org/new/lynx/text/1999/FEB-Pathnames

On Fri, 30 Apr 1999, Sergey V. Kolychev wrote:
Hi.

I had a problem with locate from findutils-4.1.24.rpm from Redhat-5.1. It segfaults if we have a huge directory at incoming ftp which was created by exploits for the ftpd realpath hole. My ftpd is patched. Those exploits, I think, should not scare me, but if updatedb puts that directory into the locate database then locate segfaults (getline.c, row 104, by gdb). I guess it can be used for running arbitrary commands if root runs locate.

I had a look at the latest Redhat-6.0 findutils-4.1.31.rpm, but it is still based on findutils-4.1, as is findutils-4.1.24, and hasn't any patches from Redhat concerning the subject, and I am sure it is still vulnerable.

----------------------Alchevsk Linux User Group-----------------------
I don't call, I don't cry, I don't sorry. All will gone like a white appletreeses's smoke... (S.Esenin)
http://www.ic.al.lg.ua/~ksv | e-mail: ksv () gw al lg ua
PGP key & Geekcode: finger ksv () gw al lg ua