Vulnerability Development mailing list archives

Re: Extending the FTP "ALG" vulnerability to any FTP client

From: dugsong () MONKEY ORG (Dug Song)
Date: Sat, 11 Mar 2000 16:05:45 -0500


On Fri, 10 Mar 2000, Mikael Olsson wrote:

  I'm theorizing. But that's what I did with the FTP PASV
  attack aswell, and right enough, less than a day later reports
  came dropping in, and a few days after that Dug Song had written
  a generic proof-of-concept hack. Care to type up another one?


since you asked so nicely. :-)

        http://www.monkey.org/~dugsong/ftpd-ozone.c.txt

reverse firewall penetration is really nothing new, though...

-d.

---
http://www.monkey.org/~dugsong/

Current thread:

MS Frontpage shtml.dll Path Leak Vulnerability, (continued)
- - - MS Frontpage shtml.dll Path Leak Vulnerability Greg (Mar 12)
    - NT 4.0 (Workstation) Logon Authentication Vulnerability jhw1970 () HOTMAIL COM (Mar 14)
    - Re: NT 4.0 (Workstation) Logon Authentication Vulnerability Phil Cox (Mar 14)
    - Re: NT 4.0 (Workstation) Logon Authentication Vulnerability Maxime Rousseau (Mar 15)
    - Re: MS Frontpage shtml.dll Path Leak Vulnerability Marc (Mar 14)
    - Re: Unwanted automagic processing (Was: Re: [Q] CORBA, IIOP) Simon Tamás (Mar 13)
    - (another) MS Outlook hole in embedded metafiles? Michael Wojcik (Mar 08)
    - Re: spoofing the ethernet address Pavel Kankovsky (Mar 09)
    - Extending the FTP "ALG" vulnerability to any FTP client Mikael Olsson (Mar 10)
    - DoS in ArGoSoft FTP Server, Version 1.04 (1.0.4.4) for win* Knud Erik Hřjgaard (Feb 11)
    - Re: Extending the FTP "ALG" vulnerability to any FTP client Dug Song (Mar 11)
    - Security auditing of network infrastructure Martin M Samson (Mar 11)
    - information being stored from cgi forms Bob Johnson (Mar 10)
    - Re: information being stored from cgi forms Crispin Cowan (Mar 10)
- Re: spoofing the ethernet address Timothy J. Miller (Mar 13)
- Re: spoofing the ethernet address Arnold, Jamie (Mar 14)
  - Re: spoofing the ethernet address John Flux (Mar 14)
  - Re: spoofing the ethernet address Juan M. Courcoul (Mar 15)
  - Linux Mandrake 6.1 PAM/userhelper exploit Paulo Ribeiro (Mar 16)
  - AIM 3.0 Buffer Overflow exploit lewkir () YAHOO COM (Mar 17)
    - Re: AIM 3.0 Buffer Overflow exploit Jamal Hendershot (Mar 19)

(Thread continues...)

Vulnerability Development mailing list archives

Re: Extending the FTP &quot;ALG&quot; vulnerability to any FTP client

Current thread:

Re: Extending the FTP "ALG" vulnerability to any FTP client