Bugtraq mailing list archives
Re: ftpd: the advisory version
From: mgleason () NCFTP COM (Mike Gleason)
Date: Sun, 2 Jul 2000 14:26:52 -0500
At 08:05 PM 6/30/00 -0400, Carson Gaspar wrote:
"Mike" == Mike Eldridge <diz () CAFES NET> writes:Mike> On Tue, 27 Jun 2000, Olaf Kirch wrote:I.e. publicfile is able to drop root privs because it stops using port 20 when creating data connections in response to a PORT command. It's against the spec but works with most clients.Mike> Against spec, it may be, but in my opinion, it makes more sense. FYI, it violates a SHOULD, it doesn't violate a MUST, so it is officially in spec.
Most (if not all) FTP client programs don't give a flying squirrel if an incoming PORT connection to them is originating from port 20 or not. However, it should be noted that firewalls *do* care. It's been awhile since I've checked, but at least one major firewall vendor (I think it was FireWall-1 from Check Point) silently discards the connection if it isn't coming from port 20. This problem came up a few years ago when people were reporting that NcFTPd Server was timing out data connections because NcFTPd thought it could get away without binding its side to port 20. Mike Gleason NcFTP Software http://www.NcFTP.com
Current thread:
- Re: ftpd: the advisory version Valdis Kletnieks (Jun 30)
- Re: ftpd: the advisory version Tom Perrine (Jul 02)
- Conclusion to recent working WuFTPD Exploits Eric Hines (Jul 05)
- <Possible follow-ups>
- Re: ftpd: the advisory version Carson Gaspar (Jun 30)
- Re: ftpd: the advisory version Mike Gleason (Jul 02)
- [RHSA-2000:016-03] Multiple local imwheel vulnerabilities bugzilla () REDHAT COM (Jul 03)
- Re: ftpd: the advisory version monti (Jul 05)
- Re: ftpd: the advisory version D. J. Bernstein (Jul 06)
- Re: ftpd: the advisory version monti (Jul 07)
- Re: ftpd: the advisory version Mikael Olsson (Jul 07)
- Re: ftpd: the advisory version David Maxwell (Jul 07)
- Re: ftpd: the advisory version D. J. Bernstein (Jul 10)
- Re: ftpd: the advisory version Richard Rager (Jul 11)
- Infosec.20000712.worldclient.2.1 Rikard Carlsson (Jul 12)
- ANNOUNCE Apache::ASP v1.95 - Security Hole Fixed J C (Jul 10)