Vulnerability Development mailing list archives
Re: Red Hat 6.2's ftp segmentation fault
From: 11a () GMX NET (Bluefish)
Date: Sat, 24 Jun 2000 21:24:07 +0200
Try 'strings core'. You'll find your password nicely on display in plaintext. This is hard to exploit, but still poor security. (Although your password did just go across the network in plaintext, so a core dump is the least of your problems).
I assume the correct limits, or correct umask will solve that problem.
The issue here is that your actual, cleartext password need *never* appear on any disk, anywhere at any time. If it's being stored or transmitted, it should be hashed or encrypted.
Obviously it has to be in memory SOME time, in order to encrypt (hash) it. Remember that cores aren't created deliberately!!
The authentication client (e.g. ftp, ssh) should mlock(2) the buffer allocated for the password, and then memset(3) it as soon as the authentication is complete. Non-root processes can't ordinarily lock memory, so you might find your password in swap. But there is no reason to hang on to the password once authentication completes.
Agree, that's a good idea. Of course, a badly encoded crypt() etc could cause you some trouble ;)

http://www.11a.nu || http://bluefish.11a.nu
eleventh alliance development & security team
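
The measures discussed in this message (a zero core limit, mlock(2) on the password buffer, and wiping it once authentication completes), combined in one added example. It is not code from the post or from any ftp/ssh client; `secret_t` and all helper names are hypothetical, and the password is a constructed sample.

```c
/* Added example; secret_t and the helper names are hypothetical. */
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/resource.h>

typedef struct { char buf[128]; int locked; } secret_t;

/* RLIMIT_CORE = 0: a crash leaves no core file for 'strings core' to read. */
int disable_core_dumps(void) {
    struct rlimit rl = { 0, 0 };
    return setrlimit(RLIMIT_CORE, &rl);
}

int core_limit_is_zero(void) {
    struct rlimit rl;
    return getrlimit(RLIMIT_CORE, &rl) == 0 && rl.rlim_cur == 0 && rl.rlim_max == 0;
}

/* Pin the buffer so it cannot be paged out to swap. mlock(2) can fail for
 * an unprivileged process; record the result instead of aborting. */
void secret_init(secret_t *s) {
    memset(s, 0, sizeof *s);
    s->locked = (mlock(s->buf, sizeof s->buf) == 0);
}

/* Buffer was zeroed by secret_init, so the copy stays NUL-terminated. */
void secret_set(secret_t *s, const char *pw) {
    strncpy(s->buf, pw, sizeof s->buf - 1);
}

/* Zero through a volatile pointer: a plain memset(3) on a buffer that is
 * never read again may be dropped by the optimizer as a dead store. */
void secret_clear(secret_t *s) {
    volatile char *p = s->buf;
    for (size_t i = 0; i < sizeof s->buf; i++) p[i] = 0;
    if (s->locked) { munlock(s->buf, sizeof s->buf); s->locked = 0; }
}

int secret_is_wiped(const secret_t *s) {
    for (size_t i = 0; i < sizeof s->buf; i++) if (s->buf[i]) return 0;
    return 1;
}

int main(void) {
    secret_t s;
    if (disable_core_dumps() != 0) perror("setrlimit");
    secret_init(&s);
    if (!s.locked) fprintf(stderr, "warning: mlock failed, buffer may reach swap\n");
    secret_set(&s, "constructed-sample-password");
    /* ... hand s.buf to the authentication exchange here ... */
    secret_clear(&s);
    printf("core_limit_zero=%d wiped=%d\n", core_limit_is_zero(), secret_is_wiped(&s));
    return 0;
}
```

Setting the core limit before the password is read matters: the limit only protects a crash that happens after it is applied.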