Vulnerability Development mailing list archives
Re: compress(vul) + ftpd(?)
From: H D Moore <hdm () digitaloffense net>
Date: Thu, 7 Mar 2002 09:57:02 -0600
On Thursday 07 March 2002 09:30 am, HypH wrote:
On Thu 7. March 2002 15:18, H D Moore wrote:YES. wu-ftpd will call compress with the file name as an argument if you request the file name ending in .Z. You have to be able to write out a file name containing the shell code to exploit the bug.The problem is that the file have to be 1100 chars long , with the shellcode within. But wu-ftpd doesn`t allow/handle so long filenames.
Hmm.. What about splitting the shellcode into different directories and the requesting the full path to the file (directories and all) ending in .Z?
Current thread:
- compress(vul) + ftpd(?) HypH (Mar 05)
- Re: compress(vul) + ftpd(?) H D Moore (Mar 07)
- Message not available
- Re: compress(vul) + ftpd(?) HypH (Mar 07)
- Re: compress(vul) + ftpd(?) H D Moore (Mar 07)
- Re: compress(vul) + ftpd(?) HypH (Mar 09)
- Re: compress(vul) + ftpd(?) KF (Mar 09)
- Re: compress(vul) + ftpd(?) HypH (Mar 09)
- Re: compress(vul) + ftpd(?) HypH (Mar 07)
- Re: compress(vul) + ftpd(?) Pavel Kankovsky (Mar 09)
- Re: compress(vul) + ftpd(?) H D Moore (Mar 10)
- Re: compress(vul) + ftpd(?) Pavel Kankovsky (Mar 11)
- Re: compress(vul) + ftpd(?) H D Moore (Mar 12)
- Re: compress(vul) + ftpd(?) Gushterul (Mar 12)
- Re: compress(vul) + ftpd(?) HypH (Mar 11)
- Re: compress(vul) + ftpd(?) Mats Linander (Mar 11)