Vulnerability Development mailing list archives
Re: [Ftp client , Format strings and SEGFAULTS]
From: Michal Zalewski <lcamtuf () coredump cx>
Date: Wed, 5 Dec 2001 14:29:57 -0500 (EST)
On Wed, 5 Dec 2001, KF wrote:
Theoretically a server could construct a malicious response to a site quote command and maybe take control of the client...
So far, we've seen fault conditions while parsing user-provided input (commands). I didn't audit Linux ftp client, but I've performed several tests some time ago, and I recall it seems to handle server responses well. I didn't look too carefully, so it might be possible somewhere (handling more advanced commands like 'mget', perhaps?), but it looks good with simple activity... -- _____________________________________________________ Michal Zalewski [lcamtuf () bos bindview com] [security] [http://lcamtuf.coredump.cx] <=-=> bash$ :(){ :|:&};: =-=> Did you know that clones never use mirrors? <=-= http://lcamtuf.coredump.cx/photo/
Current thread:
- [Ftp client , Format strings and SEGFAULTS] KF (Dec 05)
- Re: [Ftp client , Format strings and SEGFAULTS] Michal Zalewski (Dec 05)
- Re: [Ftp client , Format strings and SEGFAULTS] KF (Dec 05)
- Re: [Ftp client , Format strings and SEGFAULTS] Michal Zalewski (Dec 05)