Bugtraq archives for 2nd quarter (Apr-Jun) 1999: Re: Buffer overflow in ftpd and locate bug

Re: Buffer overflow in ftpd and locate bug

[tgo] (tgoNEARZ.ORG)
Fri, 30 Apr 1999 22:25:14 -0300

On 23 February I sent a comment about this problem to bugtraq
(ignored by aleph1? hehe :)

http://www.nearz.org/new/lynx/text/1999/FEB-Pathnames


On Fri, 30 Apr 1999, Sergey V. Kolychev wrote:

> Hi.
>
> I had a problem with locate from findutils-4.1.24.rpm from Redhat-5.1.
> It segfaults if we have a huge directory in the incoming ftp area, created
> by exploits for the ftpd realpath hole. My ftpd is patched. Those exploits,
> I think, should not frighten me, but if updatedb puts that directory into
> the locate database then locate segfaults (getline.c, line 104, according to gdb).
> I guess it can be used for running arbitrary commands if root runs locate.
>
> I had a look at the latest Redhat-6.0 findutils-4.1.31.rpm, but it is still
> based on findutils-4.1, as is findutils-4.1.24, and doesn't have any
> patches from Redhat concerning the subject, and I am sure it is still vulnerable.
>
>
>    ----------------------Alchevsk Linux User Group-----------------------
>       I don't call, I don't cry , I don't sorry.
>       All will gone like a white appletreeses's smoke... (S.Esenin)
>       http://www.ic.al.lg.ua/~ksv | e-mail: ksvgw.al.lg.ua
>       PGP key & Geekcode: finger ksvgw.al.lg.ua
>
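
Added example, not part of either post: a check an administrator could run over the FTP incoming area before updatedb indexes it, listing directories whose full pathname reaches PATH_MAX, the kind of over-long tree the quoted message describes. The function name, the 4096-byte threshold and the command-line path are assumptions.

```python
import os
import sys

PATH_MAX = 4096  # assumption: Linux limit for one pathname passed to a syscall


def find_long_paths(root, limit=PATH_MAX):
    """Return (byte_length, depth, path) for each directory under root whose
    full pathname is at least `limit` bytes long, longest first.

    os.fwalk() descends by directory file descriptor, so it does not fail
    with ENAMETOOLONG once the accumulated path passes PATH_MAX, which a
    plain path-based walk would.
    """
    hits = []
    for dirpath, dirnames, _files, _dirfd in os.fwalk(root, follow_symlinks=False):
        for name in dirnames:
            full = os.path.join(dirpath, name)
            nbytes = len(os.fsencode(full))  # length as stored on disk
            if nbytes >= limit:
                rel = full[len(root):].strip(os.sep)
                depth = rel.count(os.sep) + 1  # levels below root
                hits.append((nbytes, depth, full))
    return sorted(hits, reverse=True)


if __name__ == "__main__":
    # The directory to scan is given on the command line (hypothetical usage,
    # e.g. the anonymous FTP incoming area).
    if len(sys.argv) != 2:
        sys.exit("usage: longpaths.py DIRECTORY")
    for nbytes, depth, path in find_long_paths(sys.argv[1]):
        # Print only a prefix: the full name can be several kilobytes long.
        print(f"{nbytes} bytes, depth {depth}: {path[:120]}...")
```
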