Bugtraq mailing list archives
Re: BoS: another two bugs in ftpd
From: norm () border com (Norman Shulman)
Date: Tue, 15 Oct 1996 15:07:15 -0400
On Tue, 15 Oct 1996, Vadim Kolontsov wrote:
wuftpd can create core dump in two following situation too (yes, dump will contain some subset of shadowed passwords): 2) more than 100 arguments to any executable command (for example, "list") (caused by error in ftpd_popen()) .... Second error presents in all versions of bsd's ftpd, wu-ftpd and derived (as far as I know). Bugfixes are simple. Checking for "pw != NULL" in first case, and checking for "argc < 100" in another one (see sources).
There is a similar error in ftpd_popen() if globbing the arguments produces over 1000. (The fix is similar too.) Norm Norman Shulman Border Network Technologies Inc. Software Engineer Tel 1 416 368 7157 ext 304 norm () border com Fax 1 416 368 7178
Current thread:
- Re: bin/1805: Bug in ftpd Marc Slemko (Oct 14)
- another two bugs in ftpd Vadim Kolontsov (Oct 14)
- Re: BoS: another two bugs in ftpd Yiorgos Adamopoulos (Oct 15)
- Re: BoS: another two bugs in ftpd Norman Shulman (Oct 15)
- another two bugs in ftpd Vadim Kolontsov (Oct 14)