Vulnerability Development mailing list archives
Re: linux-ftpd 0.16 is also vulnerable
From: drow () FALSE ORG (Daniel Jacobowitz)
Date: Wed, 28 Jun 2000 14:16:56 -0700
That's wrong. I don't know if linux-ftpd is vulnerable or not, but I do know that FTP itself is. Your client is interpreting the %p. Note that the X in 0x805F520 is capitalized. That means that it was received by the server as part of the site command in the first place.

On Tue, Jun 27, 2000 at 11:53:19PM -0300, Paulo Ribeiro wrote:
Hello.

As I can see, linux-ftpd 0.16 is as vulnerable as wu-ftpd-2.6.0.

Demo.:

ftp> SITE %p
500 'SITE 0X805F520': command not understood.
ftp> SITE %s
500 'SITE @:E:': command not understood.

(...)

This e-mail was sent to BUGTRAQ and to its authors.

Yours,
Paulo Ribeiro.
Dan

/--------------------------------\  /--------------------------------\
|       Daniel Jacobowitz        |__|        SCS Class of 2002       |
|   Debian GNU/Linux Developer    __    Carnegie Mellon University   |
|         dan () debian org      |  |     dmj+ () andrew cmu edu     |
\--------------------------------/  \--------------------------------/
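The distinction drawn in the reply above, as an added example that is not part of the original messages: when the client expands `%p` before sending, an upper-casing server echoes `0X...`, whereas a client that sends the text as data gets `%P` echoed back. The function names, the server's upper-casing step and the explicit stand-in argument are assumptions made for the illustration.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the client's stray argument (value from the quote). */
#define STRAY_ARG ((void *)(uintptr_t)0x805F520u)

/* Buggy client (assumed shape): the typed command is used as the format.
   The real bug passes no argument; one is supplied so this is defined. */
static void client_send_buggy(const char *typed, char *wire, size_t n)
{
    snprintf(wire, n, typed, STRAY_ARG);
}

/* Fixed client: the typed command is data, never a format string. */
static void client_send_fixed(const char *typed, char *wire, size_t n)
{
    snprintf(wire, n, "%s", typed);
}

/* Toy server (assumed): upper-cases the received line, then echoes it in
   the 500 reply through a constant format string. */
static void server_reply(const char *wire, char *reply, size_t n)
{
    char up[128];
    size_t i;
    for (i = 0; wire[i] != '\0' && i < sizeof up - 1; i++)
        up[i] = (char)toupper((unsigned char)wire[i]);
    up[i] = '\0';
    snprintf(reply, n, "500 '%s': command not understood.", up);
}

/* One command through the chosen client, then the server. */
static const char *session(const char *typed, int buggy, char *reply, size_t n)
{
    char wire[128];
    (buggy ? client_send_buggy : client_send_fixed)(typed, wire, sizeof wire);
    server_reply(wire, reply, n);
    return reply;
}

int main(void)
{
    char r[192];
    puts(session("SITE %p", 1, r, sizeof r)); /* client expanded %p */
    puts(session("SITE %p", 0, r, sizeof r)); /* literal reached server */
    return 0;
}
```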