Bugtraq mailing list archives
ftpbounce-0.1.tar.gz
From: runeb () td org uit no (Rune Braathen)
Date: Tue, 27 Aug 1996 13:24:51 +0200
I have written a couple of java-programs to demonstrate the various problems of the ftp bounce-attack. The sources can be downloaded from URL http://www.td.org.uit.no/~runeb/services/ftpbounce-0.1.tar.gz Abstract: Due to a feature in the File Transfer Protocol (rfc959), ftp-servers can be manipulated to send data to arbitrary hosts. The connections appear to originate from the ftp-server, and can therefore be used to send data to hosts that are guarded by packet-filtering mechanisms or blocked by tcp-wrappers. -- __________________________________________________________________ runeb / cF - runeb () td org uit no - http://www.td.org.uit.no/~runeb a new life awaits you, in the off-world colonies.
Current thread:
- SGI Security Advisory 19960802-01 - Vulnerability in expreserve, (continued)
- SGI Security Advisory 19960802-01 - Vulnerability in expreserve SGI Security Coordinator (Aug 26)
- Privileges (was libresolv+ bug) Paul McNabb (Aug 26)
- [BUG] Vulnerability in PINE Sean B. Hamor (Aug 26)
- Tired of /tmp? Here's a proposed solution Igor Chudov @ home (Aug 26)
- Re: Tired of /tmp? Here's a proposed solution Guido M. Witmond (Aug 27)
- Re: Tired of /tmp? Here's a proposed solution Thomas Koenig (Aug 28)
- Re: Tired of /tmp? Here's a proposed solution Sean B. Hamor (Aug 28)
- Re: Tired of /tmp? Here's a proposed solution mdr () vodka sse att com (Aug 28)
- Rlogin vulnerabilty Gabriele Avosani (Aug 28)
- Tired of /tmp? Here's a proposed solution Igor Chudov @ home (Aug 26)
- Re: Tired of /tmp? Here's a proposed solution Matthew J Brown (Aug 28)
- ftpbounce-0.1.tar.gz Rune Braathen (Aug 27)
- Re: [BUG] Vulnerability in PINE Linux Mailing Lists (Aug 28)
- Re: [BUG] Vulnerability in PINE Sean B. Hamor (Aug 28)
- Re: [BUG] Vulnerability in PINE Jason Haar (Aug 29)
- HOLE: Unixware 2.03: crontab -e Hannu Laurila (Aug 29)