Bugtraq mailing list archives
Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability
From: Rick Kelly <rmk () toad rmkhome com>
Date: Thu, 29 Nov 2001 17:07:19 -0700 (MST)
David Brownlee said:
Can confirm 'ls ~{' runs without problem by ftp on NetBSD 1.5.2, 1.4.1, and 1.3.2 systems.
ftp.rmkhome.com is NetBSD/i386 1.4.1 with wuftpd 2.6.1 I applied the patches from the wuftpd ftp site. This is what I see now: /home/rmk> ftp ftp.rmkhome.com Connected to tencats.rmkhome.com. 220 tencats.rmkhome.com FTP server (Version wu-2.6.1(3) Thu Nov 29 14:15:29 MST 2001) ready. Remote system type is UNIX. Using binary mode to transfer files. ftp> ls ~{ 500 'EPSV': command not understood. 227 Entering Passive Mode (216,17,154,228,54,106) 550 Missing } ftp> Looks good to me. -- Rick Kelly rmk () rmkhome com www.rmkhome.com
Current thread:
- *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Dave Ahmad (Nov 28)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability script0r (Nov 28)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Andre Oppermann (Nov 28)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability David Brownlee (Nov 29)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Rick Kelly (Nov 30)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability script0r (Nov 28)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Todd C. Miller (Nov 28)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability GiulioMaria Fontana (Nov 29)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Flavio Veloso (Nov 29)
- <Possible follow-ups>
- RE: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Junius, Martin (Nov 29)
- RE: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Craig Leikis (Nov 29)
- RE: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Sandor W. Sklar (Nov 29)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Fred Mobach (Nov 30)