Vulnerability Development mailing list archives
Re: proftpd format bug
From: Jose Nazario <jose () biocserver BIOC cwru edu>
Date: Sun, 9 Dec 2001 18:50:36 -0500 (EST)
On Sun, 4 Dec 2005, Fuska wrote:
Sorry if this has been already reported.
ftp> quote site %p 500 'SITE 0X8055F1E' not understood. ftp> quote site %s 421 Service not available, remote server has closed connection
to differentiate between a client and a server bug, please use a client like netcat or telnet: $ nc server 21 220 server.site.edu NcFTPd Server (free educational license) ready. user anonymous 331 Guest login ok, send your complete e-mail address as password. pass jose@ 230-You are user #1 of 50 simultaneous users allowed. 230 Logged in anonymously. cwd %n 550 No such directory. hope this helps. this is a common issue with ftp string format atacks, people finding client bugs and thinking they're server bugs. please do this test to find out which it is. ____________________________ jose nazario jose () cwru edu PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80 PGP key ID 0xFD37F4E5 (pgp.mit.edu)
Current thread:
- proftpd format bug Fuska (Dec 09)
- Re: proftpd format bug Robert van der Meulen (Dec 09)
- Re: proftpd format bug Jose Nazario (Dec 09)