Re: BoS: another two bugs in ftpd
Norman Shulman (norm at border.com)
Tue, 15 Oct 1996 15:07:15 -0400
On Tue, 15 Oct 1996, Vadim Kolontsov wrote:
> wuftpd can create a core dump in the two following situations too (yes, the dump
> will contain some subset of shadowed passwords):
>
> 2) more than 100 arguments to any executable command (for example, "list")
> (caused by error in ftpd_popen())
>
> .... The second error is present in all versions of bsd's ftpd, wu-ftpd and
> derived (as far as I know).
> Bugfixes are simple. Checking for "pw != NULL" in first case, and
> checking for "argc < 100" in another one (see sources).
There is a similar error in ftpd_popen() if globbing the arguments produces over 1000.
(The fix is similar too.)
Norm
Norman Shulman          Border Network Technologies Inc.
Software Engineer       Tel 1 416 368 7157 ext 304
norm at border.com      Fax 1 416 368 7178
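
The two bounds checks discussed in this thread, as an added example that is not part of the original message and is not the ftpd source: a fixed-size argument vector must reject input before the store that would overrun it, leaving one slot for the NULL terminator. The function names, the constants and the sample inputs are assumptions made for illustration; only the limits 100 and 1000 come from the thread.

```c
#include <stdio.h>
#include <string.h>

#define MAX_ARGS      100   /* limit quoted in the thread */
#define MAX_GLOB_ARGS 1000  /* limit quoted in the reply */

/* Split line in place on whitespace into argv (max slots).
 * Returns argc, or -1 if the words plus the NULL terminator do not fit. */
static int split_args(char *line, char **argv, int max)
{
    int argc = 0;
    for (char *cp = strtok(line, " \t\n"); cp; cp = strtok(NULL, " \t\n")) {
        if (argc >= max - 1)   /* bound check before the store */
            return -1;
        argv[argc++] = cp;
    }
    argv[argc] = NULL;
    return argc;
}

/* Append the n words one glob expansion produced to gargv (max slots).
 * Returns 0, or -1 without modifying anything if they would not fit. */
static int append_expanded(char **gargv, int *gargc, int max,
                           char **words, int n)
{
    if (n < 0 || *gargc > max - 1 - n)
        return -1;
    for (int i = 0; i < n; i++)
        gargv[(*gargc)++] = words[i];
    gargv[*gargc] = NULL;
    return 0;
}

int main(void)
{
    /* Constructed input: a command line with 150 arguments. */
    char line[512] = "list";
    char *argv[MAX_ARGS], *gargv[MAX_GLOB_ARGS], *hits[600];
    int gargc = 0;
    for (int i = 0; i < 150; i++) strcat(line, " x");
    printf("150 args: %d\n", split_args(line, argv, MAX_ARGS));
    /* Constructed input: two patterns that each expand to 600 names. */
    for (int i = 0; i < 600; i++) hits[i] = "f";
    printf("first glob: %d\n", append_expanded(gargv, &gargc, MAX_GLOB_ARGS, hits, 600));
    printf("second glob: %d\n", append_expanded(gargv, &gargc, MAX_GLOB_ARGS, hits, 600));
    return 0;
}
```

A caller that gets -1 from either function should refuse the command instead of truncating the list, so that the command never runs with a silently shortened argument vector.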