Bugtraq mailing list archives
Re: Update: Extending the FTP "ALG" vulnerability to any FTP client
From: mikael.olsson () ENTERNET SE (Mikael Olsson)
Date: Wed, 15 Mar 2000 09:02:53 +0100
Darren Reed wrote:
> In some mail from Mikael Olsson, sie said:
> > * RealAudio/Video (secondary UDP channel)
>
> This can't be exploited in even close to the same way, if the proxy is properly implemented. You might be able to write a java class to exploit this from a web server which was waiting more easily than playing funny games with URLs in HTML pages...if the web server is evil, having java enabled is a big risk.
You're most likely right; I was just listing a couple of apps that work with secondary data channels. Also, I was in no way suggesting that this specific FTP vulnerability would affect RealAudio, hence the section title "The Big Picture".
> > Workarounds to this specific vulnerability
> > --------------------------------------------
> > * Disable active FTP. Errrr, wait. The fix for the server side vulnerability was to disable passive FTP.
>
> Which specific vulnerability was this? And was it a vulnerability or a DoS problem?
It was the "Multiple firewalls FTP server "PASV" vulnerability" mentioned in my reference list. Basically does the same thing - letting people connect to any port - but on FTP servers instead. The official "fix" was "disable passive FTP".

Well, since the "fix" for this is "disable active FTP".. ... :-)

/Mike

--
Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 ÖRNSKÖLDSVIK
Phone: +46 (0)660 105 50 Fax: +46 (0)660 122 50
Mobile: +46 (0)70 66 77 636
WWW: http://www.enternet.se E-mail: mikael.olsson () enternet se