Vulnerability Development mailing list archives
Re: BUG in ftp client on *BSD and Solaris system?
From: Vanja Hrustic <vanja () vanja com>
Date: Sat, 1 Jun 2002 13:07:31 +0700
On Fri, 31 May 2002 21:36:55 +0200 Admin <admin () www dragonlance eu org> wrote:
>root@Wayreth[~]: ftp ftp.unina.it >Connected to ftp.unina.it. >220 >Name (ftp.unina.it:root): ^\Quit (core dumped) >root@Wayreth[~]: for do that, just push CTRL+รน when the user is requested... Tested system:
<snip> Very old issue, and mostly useless. But... Few years ago, I used this to mess-up Platinum ACX (AutoSecure) on a HP-UX platform. Even if ACX setup would try to prevent root from doing anything, I would simply create a symlink (core -> any ACX protected file, including ACX files themselves), and dump core with FTP client. Protected file was overwritten. No idea if this was ever fixed, since ACX guys blamed HP-UX for this. Never got anything back from them. If you run ACX, give it a try - it might still work. Vanja
Current thread:
- BUG in ftp client on *BSD and Solaris system? Admin (May 31)
- Re: BUG in ftp client on *BSD and Solaris system? Luciano Miguel Ferreira Rocha (Jun 01)
- Re: BUG in ftp client on *BSD and Solaris system? elguapo (Jun 01)
- 72% of web base ping scripts allows attackers to pass malicious parameters John Thornton (Jun 01)
- Re: BUG in ftp client on *BSD and Solaris system? Crist J. Clark (Jun 01)
- Re: BUG in ftp client on *BSD and Solaris system? Philipp Buehler (Jun 01)
- Re: BUG in ftp client on *BSD and Solaris system? Vanja Hrustic (Jun 01)
- Re: BUG in ftp client on *BSD and Solaris system? T0aD (Jun 01)
- Re: BUG in ftp client on *BSD and Solaris system? Admin (Jun 01)