Bugtraq mailing list archives

Re: BoS: another two bugs in ftpd

From: norm () border com (Norman Shulman)
Date: Tue, 15 Oct 1996 15:07:15 -0400


On Tue, 15 Oct 1996, Vadim Kolontsov wrote:

  wuftpd can create core dump in two following situation too (yes, dump
will contain some subset of shadowed passwords):

2) more than 100 arguments to any executable command (for example, "list")
   (caused by error in ftpd_popen())

.... Second error presents in all versions of bsd's ftpd, wu-ftpd and
derived (as far as I know).
  Bugfixes are simple. Checking for "pw != NULL" in first case, and
checking for "argc < 100" in another one (see sources).


There is a similar error in ftpd_popen() if globbing the arguments produces over 1000.
(The fix is similar too.)

Norm


                   Norman Shulman      Border Network Technologies Inc.
                Software Engineer      Tel 1 416 368 7157 ext 304
                  norm () border com      Fax 1 416 368 7178

Current thread:

Re: bin/1805: Bug in ftpd Marc Slemko (Oct 14)
- another two bugs in ftpd Vadim Kolontsov (Oct 14)
  - Re: BoS: another two bugs in ftpd Yiorgos Adamopoulos (Oct 15)
  - Re: BoS: another two bugs in ftpd Norman Shulman (Oct 15)