Bugtraq mailing list archives
Re: BoS: serious security bug in wu-ftpd v2.4 -- PATCH
From: hpj () one se (Henrik P Johnson)
Date: Sun, 12 Jan 1997 19:56:01 +0100
Below comes an hopefully improved version of the sigfix.c file to fix wu-ftp. This will block signals while within crusial parts of the FTP server, yet the signals will occur after the resumesigs is called. I have no idea of how portable this may or may not be, but it seems to work on HP, OSF, linux and Solaris. Otherwise the patch as supplied by Dave Kinchlea <security () kinch ark com> should be applied. /* ######################### sigfix.c ################################# */ void #ifdef __STDC__ suspendsigs(void) #else suspendsigs() #endif { sigset_t sset=0; #ifdef SIGPIPE sset=SIGPIPE; #endif #ifdef SIGURG sset|=SIGURG; #endif sigprocmask(SIG_BLOCK,&sset,NULL); } void #ifdef __STDC__ resumesigs(void) #else reseumesigs() #endif { sigset_t sset=0; #ifdef SIGPIPE sset=SIGPIPE; #endif #ifdef SIGURG sset|=SIGURG; #endif sigprocmask(SIG_UNBLOCK,&sset,NULL); } ============================================================================== Henrik P Johnson Tel: +46-(0)31-812091 Eklandagatan 41a GlobeCom Network GSM: +46-(0)70-5409924 41261 Göteborg IRC: [TC] FAX: +46-(0)31-208460 Sweden E-Mail: king () globecom net king () one se, hpj () etek chalmers se, hpj () tjh se... etc ============================================================================== Nice site: http://www.underscore.se/sj (Swedish)
Current thread:
- Re: BoS: serious security bug in wu-ftpd v2.4 Dave Kinchlea (Jan 05)
- BoS: serious security bug in wu-ftpd v2.4 -- PATCH Dave Kinchlea (Jan 05)
- Re: BoS: serious security bug in wu-ftpd v2.4 -- PATCH Henrik P Johnson (Jan 12)
- Stronghold v1.3.3: Security Release Sean B. Hamor (Jan 13)
- [linux-security] SECURITY: Important bug fix for /sbin/login Erik Troan (Jan 16)
- Smashing the stack on a DEC Alpha Lamont Granquist (Jan 16)
- Re: Smashing the stack on a DEC Alpha Digital Dreamer (Jan 16)
- Re: Smashing the stack on a DEC Alpha Julian Assange (Jan 16)
- FreeBSD Security Advisory: SA-96:21 - talkd FreeBSD Security Officer (Jan 18)
- Re: FreeBSD Security Advisory: SA-96:21 - talkd Theo de Raadt (Jan 20)
- talkd problem Theo de Raadt (Jan 20)
- Re: talkd problem David Holland (Jan 20)
- Smashing the stack Zygo Blaxell (Jan 20)
- BoS: serious security bug in wu-ftpd v2.4 -- PATCH Dave Kinchlea (Jan 05)