Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1997_4

Bugtraq archives for 4th quarter (Oct-Dec) 1997: Re: CERT Advisory CA-97.27 - FTP_bounce

Re: CERT Advisory CA-97.27 - FTP_bounce

Aleph One (aleph1DFW.NET)
Thu, 11 Dec 1997 16:31:19 -0600

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Aleph One: "Q163852: Invalid Operand with Locked CMPXCHG8B Instruction"
Previous message: Janos Farkas: "Re: CERT Advisory CA-97.27 - FTP_bounce"
In reply to: Janos Farkas: "Re: CERT Advisory CA-97.27 - FTP_bounce"
Next in thread: Barry Irwin: "Re: CERT Advisory CA-97.27 - FTP_bounce"

  Note that this has been discussed a long time ago. I approved it becuse
it is still an issue. For a nice recount of both active and passive attack
read Secure Networks paper "Some problems with the File Transfer Protocol,
a failure of common implementations, and suggestions for repair" at
http://www.secnet.com/papers/ftp-paper.html

Aleph One / aleph1dfw.net
http://underground.org/
KeyID 1024/948FD6B5
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01

Next message: Aleph One: "Q163852: Invalid Operand with Locked CMPXCHG8B Instruction"
Previous message: Janos Farkas: "Re: CERT Advisory CA-97.27 - FTP_bounce"
In reply to: Janos Farkas: "Re: CERT Advisory CA-97.27 - FTP_bounce"
Next in thread: Barry Irwin: "Re: CERT Advisory CA-97.27 - FTP_bounce"