Bugtraq mailing list archives

Concerning the LDAP Enabled Netscape FTP Server


From: ah () SECURITYFOCUS COM (Alfred Huger)
Date: Tue, 27 Jun 2000 09:21:36 -0700


Over the last few days a great number of people have mailed us in regards
to the "Netscape Professional Services FTP Server Vulnerability"
(http://www.securityfocus.com/bid/1375) discovered by Michal Zalewski
<lcamtuf () tpi pl> and posted to the Bugtraq mailing list on Wed, 21 Jun
2000.

The following mail which we received should shed some light on the
subject. Thanks to both Netscape and Kurt Seifried for digging into this.

Alfred Huger
VP of Engineering
SecurityFocus.com

---------- Forwarded message ----------
Date: Tue, 27 Jun 2000 16:51:00 +0200
From: Uwe Springmann <uspring () netscape com>
To: Kurt Seifried <seifried () securityportal com>
Cc: vuldb () securityfocus com, lord () netscape com
Subject: Re: Netscape ftp Server (fwd)

Kurt,

I do know your name as I am routinely reading your weekly postings. Good work!

Concerning Netscape FTP-Server: The fact is, there are versions of this
software which have the posted problems. This LDAP-aware ftp server never
was an official Netscape product but something our Professional Service
people used to supply our Enterprise Web Server with upload functionality
(especially with big ISP's and virtual domain hosting).

Every installation of this software required making adaptations and
changing the code in several ways. At present we don't know which version
at which site might be vulnerable. We do know that we have installations
in Germany which are not vulnerable (the mail below refers to these
installations).

Currently we are working to do an overhaul of this piece of software to
give customers the possibility to use an LDAP-aware FTP-server, and to get
rid of these security problems. This is a high priority project and I'll
let you know when it is finished.

The BUGTRAQ people asked for a contact within Netscape for general
Netscape / iPlanet products security issues. Bob Lord (now Director for
Security with the Mozilla Project) will serve this role and could route to
the appropriate people within our company.

I will keep you posted.

Uwe

