OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Eduardo Cruz (eduardo.cruztsg.com)
Date: Sun Dec 09 2001 - 07:00:10 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Connected to localhost.
    220 cimitarra FTP server (BeroFTPD 1.3.4(1) Wed May 30 18:22:32 CEST 2001)
    ready.
    Name (localhost:root): anonymous
    331 Guest login ok, send your complete e-mail address as password.
    Password:
    230-Welcome, archive user! This is an experimental FTP server. If have any
    230-unusual problems, please report them via e-mail to rootcimitarra
    230-If you do have problems, please try using a dash (-) as the first
    character
    230-of your password -- this will turn off the continuation messages that
    may
    230-be confusing your ftp client.
    230-
    230 Guest login ok, access restrictions apply.
    Remote system type is UNIX.
    Using binary mode to transfer files.
    ftp> ls ~{
    200 PORT command successful.
    550 Missing }
    ftp>

    just patch glob.c ur self, or use the mine already patched (attached).
    And about the maintenance of beroftp, as far as i know is not being done
    since years ago.
    Anyway appart from the bugs derivating from vuftpd i dont see the point on
    maintaining bero,
    i find it quite perfect like it is.

    have fun

    ----- Original Message -----
    From: "KF" <dotslashsnosoft.com>
    To: <vuln-devsecurity-focus.com>
    Sent: Tuesday, December 02, 2003 4:38 AM
    Subject: Older BeroFTPD glob

    > This is in the wu family... I don't know if it is still maintained and
    > its had other issues like format strings and
    > overflows...I just grabbed a random patch/version level to check this.I
    > don't know about newer versions.
    > beroftpd-1.3.3-1.ppc.rpm:
    >
    > [rootibook root]# ftp localhost
    > Connected to localhost.localdomain.
    > 220 ibook FTP server (BeroFTPD 1.3.3(1) Fri Jun 25 09:15:02 PDT 1999)
    ready.
    > Name (localhost:root): anonymous
    > 331 Guest login ok, send your complete e-mail address as password.
    > Password:
    > 230 Guest login ok, access restrictions apply.
    > Remote system type is UNIX.
    > Using binary mode to transfer files.
    > ftp> ls ~{
    > 200 PORT command successful.
    > 421 Service not available, remote server has closed connection
    >
    > -KF
    >

    • application/octet-stream attachment: glob.c