Vulnerability Development mailing list archives
Re: Red Hat 6.2's ftp segmentation fault
From: phr () DOC IC AC UK (Philip Rowlands)
Date: Fri, 23 Jun 2000 21:39:52 +0100
Paulo Ribeiro wrote:
[snip ftp crash]
Any idea?
Try 'strings core'. You'll find your password nicely on display in plaintext. This is hard to exploit, but still poor security. (Although your password did just go across the network in plaintext, so a core dump is the least of your problems).

The issue here is that your actual, cleartext password need *never* appear on any disk, anywhere at any time. If it's being stored or transmitted, it should be hashed or encrypted.

The authentication client (e.g. ftp, ssh) should mlock(2) the buffer allocated for the password, and then memset(3) it as soon as the authentication is complete. Non-root processes can't ordinarily lock memory, so you might find your password in swap. But there is no reason to hang on to the password once authentication completes.

Phil
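The buffer handling described in the message above, as an added example that is not part of the original post or of any ftp client's source. It goes slightly beyond the message by also setting RLIMIT_CORE to zero and wiping through a volatile pointer; `login`, `authenticate`, `pw_buf` and the sample credentials are hypothetical names and constructed values.

```c
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/resource.h>

#define PW_MAX 128
static char pw_buf[PW_MAX];          /* the only copy of the cleartext password */

/* Wipe through a volatile pointer: a plain memset(3) on a buffer that is
 * never read again may be removed by the optimizer as a dead store. */
static void secure_wipe(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* Hypothetical stand-in for the protocol exchange (e.g. sending PASS). */
static int authenticate(const char *user, const char *pw) {
    return strcmp(user, "demo") == 0 && strcmp(pw, "constructed-secret") == 0;
}

/* Returns 1 if every byte of the password buffer is zero. */
int buffer_is_clean(void) {
    for (size_t i = 0; i < PW_MAX; i++)
        if (pw_buf[i] != 0) return 0;
    return 1;
}

/* `typed` stands in for the terminal read; a real client reads straight
 * into pw_buf. Returns 1 on success, 0 on failure, -1 if input is too long. */
int login(const char *user, const char *typed) {
    struct rlimit no_core = {0, 0};
    setrlimit(RLIMIT_CORE, &no_core);            /* a crash leaves no core file */
    int locked = (mlock(pw_buf, PW_MAX) == 0);   /* may fail without privilege */

    size_t len = strlen(typed);
    if (len >= PW_MAX) { if (locked) munlock(pw_buf, PW_MAX); return -1; }
    memcpy(pw_buf, typed, len + 1);

    int ok = authenticate(user, pw_buf);
    secure_wipe(pw_buf, PW_MAX);                 /* wipe on success and failure */
    if (locked) munlock(pw_buf, PW_MAX);
    return ok;
}

int main(void) {
    int ok = login("demo", "constructed-secret");   /* constructed sample input */
    printf("auth=%d clean=%d\n", ok, buffer_is_clean());
    return 0;
}
```

If mlock(2) fails the code still authenticates and wipes, so the buffer is cleared even where locking is not permitted.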