Bugtraq mailing list archives
Re: CERT Advisory CA-97.27 - FTP_bounce
From: ahuger () SECURENETWORKS COM (Alfred Huger)
Date: Fri, 12 Dec 1997 12:10:03 -0700
For those of you wanting to test this problem have a look at http://www.rootshell.com/hacking/ftpBounceAttack
The FTP bounce attack as some people here have already noted, is quite old. A paper which has not been mentioned is one written by Hobbit which is available at ftp://ftp.avian.org/random/ftp-attack . Hobbit documented and wrote fixes for this problem quite some time ago. In fact, I believe this was the first paper really describing the problem and Hobbit may very well have been the one to discover it, although of this I am not sure. In any event, the paper is very succinct and goes a long way towards explaining the problem at length as well as showing how intruders etc. may use it. /**************************************************************************** Alfred Huger http://www.secnet.com/ballista Project Director ahuger () secnet com Secure Networks Inc. (SNI) *****************************************************************************/
Current thread:
- CERT Advisory CA-97.27 - FTP_bounce Aleph One (Dec 10)
- Re: CERT Advisory CA-97.27 - FTP_bounce Janos Farkas (Dec 11)
- Re: CERT Advisory CA-97.27 - FTP_bounce Aleph One (Dec 11)
- Re: CERT Advisory CA-97.27 - FTP_bounce Barry Irwin (Dec 12)
- Re: CERT Advisory CA-97.27 - FTP_bounce Alfred Huger (Dec 12)
- Re: CERT Advisory CA-97.27 - FTP_bounce Aleph One (Dec 11)
- Q163852: Invalid Operand with Locked CMPXCHG8B Instruction Aleph One (Dec 12)
- Re: CERT Advisory CA-97.27 - FTP_bounce Janos Farkas (Dec 11)
- <Possible follow-ups>
- Re: CERT Advisory CA-97.27 - FTP_bounce Kev (Dec 11)