|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: serious security bug in wu-ftpd v2.4
der Mouse (mouse
Holo.Rodents.Montreal.QC.CA)Mon, 6 Jan 1997 07:54:38 -0500
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: Bjorn Wesen: "Re: serious security bug in wu-ftpd v2.4 -- PATCH"
- Previous message: Yuri Volobuev: "Irix: csetup hole"
- Maybe in reply to: Aleph One: "serious security bug in wu-ftpd v2.4"
>> In many instances, the ftpd server gets the SIGPIPE due to the
>> closed data connection and begins the dologout() procedure.
> The data connection is already closed due to the SIGPIPE right ?
Well, no, the server gets SIGPIPE _because_ the data connection is
gone, not the other way around.
> No wait.. there are two socket connections if one doesnt use passive
> mode ? Only allowing passive mode filetransfer could also be a
> temporary solution to fix this problem. Correct me if I am wrong.
Sorry; there are two connections open any time there's a data transfer
in progress. When setting up the data connection, one end does the
listen and one end does the connect, and the difference between PASV
mode and PORT mode is which end does which.
der Mouse
mouserodents.montreal.qc.ca
7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
- Next message: Bjorn Wesen: "Re: serious security bug in wu-ftpd v2.4 -- PATCH"
- Previous message: Yuri Volobuev: "Irix: csetup hole"
- Maybe in reply to: Aleph One: "serious security bug in wu-ftpd v2.4"