Bugtraq mailing list archives

Re: Security Update: [CSSA-2002-SCO.23] Open UNIX 8.0.0 UnixWare 7.1.1 : ftpd allows data connection hijacking via PASV mode

From: Tomasz Grabowski <cadence () apollo aci com pl>
Date: Mon, 3 Jun 2002 18:56:57 +0200 (CEST)

On Thu, 30 May 2002 security () caldera com wrote:

1. Problem Description

      In FTP PASV mode, the client makes a control connection to the
      FTP server (typically port 21/tcp) and requests a PASV data
      connection. The server responds by listening for client
      connections on a specified port number, which is supplied to
      the client via the control connection. If an attacker can make
      a connection to the listening port before the client connects,
      the server will transmit the data to the attacker instead of
      the client.


It is also possible to hijack data connection while using active mode. The
only difference is that the attacker need to connect to the listening port
on the client machine.

I posted information about this to vuln-dev list two years ago.

Go and read:
http://lists.insecure.org/vuln-dev/2000/Jul/0269.html

Anyways, where can I find information about how You patched that
particular vulnerability?


---
Tomasz Grabowski  (0-91)4494234
Akademickie Centrum Informatyki
mailto:cadence () apollo aci com pl

Current thread:

Re: Security Update: [CSSA-2002-SCO.23] Open UNIX 8.0.0 UnixWare 7.1.1 : ftpd allows data connection hijacking via PASV mode Tomasz Grabowski (Jun 03)