|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: ftpd: the advisory version
From: Richard Rager (kb8rln
PENGUINMASTER.COM)Date: Tue Jul 11 2000 - 12:47:49 CDT
- Next message: Rikard Carlsson: "Infosec.20000712.worldclient.2.1"
- Previous message: xternal: "Big Brother filename extension vulnerability"
- In reply to: D. J. Bernstein: "Re: ftpd: the advisory version"
- Next in thread: Mikael Olsson: "Re: ftpd: the advisory version"
- Reply: Richard Rager: "Re: ftpd: the advisory version"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Mon, 10 Jul 2000, D. J. Bernstein wrote:
> 1. Surely there are other people still wondering about proftpd. Can an
> attacker take over proftpd 1.2.0pre10? CERT seems to say yes, but the
> maintainer says ``relatively minor.'' What's the deal?
>
Yes I have had someone get a shell account on my box with proftpd
1.2.0pre10. I was able to keep him out for a little more with time with
kernel 2.2.16 until the code changed. This is in the wild!
> 2. I agree that setproctitle() is rather pointless. My comments were
> about all functions with printf()-type format strings. Typical strings
> should fail as format strings.
>
Yes
I was running proftpd in stand alone mode. The proftpd dies in some of
these attacts. It was running as user ftp.
Enjoy,
Richard
- Next message: Rikard Carlsson: "Infosec.20000712.worldclient.2.1"
- Previous message: xternal: "Big Brother filename extension vulnerability"
- In reply to: D. J. Bernstein: "Re: ftpd: the advisory version"
- Next in thread: Mikael Olsson: "Re: ftpd: the advisory version"
- Reply: Richard Rager: "Re: ftpd: the advisory version"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]