Vulnerability Development mailing list archives
Re: wuftpd 2.6.1 advisory/exploit
From: Bernhard Rosenkraenzer <bero () redhat de>
Date: Wed, 19 Sep 2001 18:56:51 +0200 (CEST)
On Wed, 19 Sep 2001, Carolyn Meinel <carolyn () techbroker com> wrote:
> http://www.techbroker.com/wu261.txt

This whole thing is a pretty nice piece of obfuscated C code - it overflows a buffer in itself to execute "rm -rf [...] ~". Also:

> At your request, I have sent the developers the intricate details

We didn't get anything...

> of the hole in wuftpd 2.6.1 (and 2.6.0, but not in 2.5.x as far as I can see).

Not that 2.5.x ever existed... The version after 2.4.2 was 2.6.0.

> - During the transition to the 2.6.x releases, the wuftpd development team redesigned the command processing code in the daemon.

Patched yes, redesigned no.

LLaP
bero