Bugtraq mailing list archives
Re: Multi format string bugs in IPAD x.x ftp server
From: John Edwards <isplist () PINNACLE NET AU>
Date: Wed, 21 Feb 2001 09:35:17 +1030
Eric Fitzgerald wrote:
If I'm reading this correct. This appears to be format string bugs in your FTP client. Not in the server (notice the seg fault took you too your prompt)
Connected to xxx.xxx.xxx.xxx. 220 xxx.xxx.xxx.xxx FTP server (IPAD 2.52) ready
<snip>
ftp> site %s%s%s%s%s%s%s%s%s%s%s%s%s%s Segmentation fault [diab@epuj diab]$
Eric is right. I tested an IPAD 2.52 system with a linux ftp client and saw the same results. When using the FreeBSD default ftp client I got these results: 220 xxx.xxx.xxx.xxx FTP server (IPAD 2.52) ready at Wed Feb 21 09:18:41 2001 Name (xxx:xxx): anonymous 331 Anonymous logins ok. Please enter your e-mail address as password. Password: 230 User anonymous logged in. Remote system type is MSDOS. ftp> site %x%x%x%x%x%x%x%x%x%x%x 500 Unknown command 'site %x%x%x%x%x%x%x%x%x%x%x' ftp> site %s%s%s%s%s%s%s%s%s%s%s%s%s%s 500 Unknown command 'site %s%s%s%s%s%s%s%s%s%s%s%s%s%s' ftp> site %p%p 500 Unknown command 'site %p%p' ftp> site %c%c%c%c 500 Unknown command 'site %c%c%c%c' For those who don't know what an IPAD is, it's an all-in-one internet server made by eSoft that runs on MS-DOS. It has a badly non-compliant DNS server that can't receive replies bigger than 512 bytes, can't set the aa flag on NS records, and refuses to resolve any host with IPv6 information in it's dns reply. John Edwards
Current thread:
- Multi format string bugs in IPAD x.x ftp server diab (Feb 19)
- Re: Multi format string bugs in IPAD x.x ftp server Jose Nazario (Feb 20)
- Re: Multi format string bugs in IPAD x.x ftp server Eric Fitzgerald (Feb 20)
- Re: Multi format string bugs in IPAD x.x ftp server John Edwards (Feb 20)