Vulnerability Development mailing list archives

Re: Microsoft FTP Program

From: Jose Nazario <jose () BIOCSERVER BIOC CWRU EDU>
Date: Thu, 22 Mar 2001 20:55:48 -0500

On Wed, 21 Mar 2001, SteeLe wrote:

ftp> quote 0x%x.0x%x.0x%x.0x%x.0x%x.0x%x.0x%x.0x%x
500 '0X7800BB4B.0X10072B8.0X1008820.0X0.0X56F3E8.0X78257830.0X2578302E.0X78302E7
8': command not understood.

I do know that the ftp program in most linux distros had this problem
a while back but who knew it would pass on to Windows.


old news. i believe the ftp client is based on older BSD code which yes
has string format vulnerabilities.

____________________________
jose nazario                                                 jose () cwru edu
                     PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
                                       PGP key ID 0xFD37F4E5 (pgp.mit.edu)

Current thread:

Microsoft FTP Program SteeLe (Mar 22)
- <Possible follow-ups>
- Re: Microsoft FTP Program Syzop (Mar 23)
- Re: Microsoft FTP Program Jose Nazario (Mar 23)
- Re: Microsoft FTP Program Eric D. Williams (Mar 23)
- Re: Microsoft FTP Program Bruno Lustosa (Mar 23)
- Re: Microsoft FTP Program Eric D. Williams (Mar 25)