Vulnerability Development mailing list archives

Re: Older BeroFTPD glob


From: "Eduardo Cruz" <eduardo.cruz () tsg com>
Date: Sun, 9 Dec 2001 14:00:10 +0100

Connected to localhost.
220 cimitarra FTP server (BeroFTPD 1.3.4(1) Wed May 30 18:22:32 CEST 2001) ready.
Name (localhost:root): anonymous
331 Guest login ok, send your complete e-mail address as password.
Password:
230-Welcome, archive user!  This is an experimental FTP server.  If have any
230-unusual problems, please report them via e-mail to root@cimitarra
230-If you do have problems, please try using a dash (-) as the first character
230-of your password -- this will turn off the continuation messages that may
230-be confusing your ftp client.
230-
230 Guest login ok, access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls ~{
200 PORT command successful.
550 Missing }
ftp>

Just patch glob.c yourself, or use mine, already patched (attached).
And about the maintenance of beroftp, as far as I know it has not been done
for years.
Anyway, apart from the bugs deriving from wuftpd I don't see the point in
maintaining bero,
I find it quite perfect like it is.

have fun

----- Original Message -----
From: "KF" <dotslash () snosoft com>
To: <vuln-dev () security-focus com>
Sent: Tuesday, December 02, 2003 4:38 AM
Subject: Older BeroFTPD glob


This is in the wu family... I don't know if it is still maintained, and
it's had other issues like format strings and overflows... I just grabbed
a random patch/version level to check this. I don't know about newer
versions.
beroftpd-1.3.3-1.ppc.rpm:

[root@ibook root]# ftp localhost
Connected to localhost.localdomain.
220 ibook FTP server (BeroFTPD 1.3.3(1) Fri Jun 25 09:15:02 PDT 1999) ready.
Name (localhost:root): anonymous
331 Guest login ok, send your complete e-mail address as password.
Password:
230 Guest login ok, access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls ~{
200 PORT command successful.
421 Service not available, remote server has closed connection

-KF

Attachment: glob.c