Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability

From: Fyodor <fygrave () tigerteam net>
Date: Fri, 30 Nov 2001 00:40:51 +0700
On Wed, Nov 28, 2001 at 08:15:33PM -0500, Brad wrote:

OpenBSD's ftpd exhibits the same behavior, 2.9-stable, 3.0-stable and
-current.



Due to OpenBSD specific malloc implementation (they keep allocated pageinfo
structs separately from allocated chunks, which could be affected
externally) this bug doesn't seem to be exploitable on OpenBSD though.

(wish it could be;-))

-F
-- 
http://www.notlsd.net
PGP fingerprint = 56DD 1511 DDDA 56D7 99C7  B288 5CE5 A713 0969 A4D1
Previous By Date Next
Previous By Thread Next

Current thread: