Bugtraq mailing list archives
Re: IBM-ERS Security Vulnerability Alert: The AIX ftp client
From: rodriguj () DRAGO FIE US ES (Miguel Angel Rodriguez Jodar)
Date: Thu, 30 Oct 1997 21:27:27 +0100
ers () VNET IBM COM wrote:
> VULNERABILITY: The AIX ftp client interprets server provided filenames
>
> I. Description
>
> The ftp client can be tricked into running arbitrary commands supplied by the remote server. When the remote file begins with a pipe symbol, the ftp client will process the contents of the remote file as a shell script.
On two machines running AIX 3.2.5 I've tested it, but instead of executing the remote file, it searches for a local file with the same name as the remote file and executes it with normal user privileges instead of root privileges.

BTW, I believe that this also happens on HP-UX 9.05.

Miguel Angel Rodriguez
Area de Arquitectura y Tecnologia de Computadores
Universidad de Sevilla
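The check below is an added example, not part of the original post or of any vendor's ftp client: it shows one way a client could refuse server-supplied names before using them as local file names during a multi-file transfer. `safe_local_name` is a hypothetical helper and the sample names in `main` are constructed.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: return 1 if a filename received from the server may
 * be used as the local output name, 0 if it must be refused. */
int safe_local_name(const char *remote)
{
    const char *p;
    size_t len;

    if (remote == NULL || remote[0] == '\0')
        return 0;
    /* The case from the advisory: a name that begins with a pipe symbol. */
    if (remote[0] == '|')
        return 0;
    /* BSD ftp(1) documents "-" as stdin/stdout rather than a file. */
    if (strcmp(remote, "-") == 0)
        return 0;
    /* The server must not choose an absolute local path. */
    if (remote[0] == '/')
        return 0;
    /* Control characters have no place in a local file name. */
    for (p = remote; *p != '\0'; p++)
        if (iscntrl((unsigned char)*p))
            return 0;
    /* Walk the '/'-separated components and refuse any ".." component. */
    for (p = remote; *p != '\0'; p += len) {
        len = strcspn(p, "/");
        if (len == 2 && p[0] == '.' && p[1] == '.')
            return 0;
        if (p[len] == '/')
            len++;              /* step over the separator */
    }
    return 1;
}

int main(void)
{
    /* Constructed sample names, as a server might return them. */
    const char *names[] = { "README", "pub/notes.txt", "|cmd",
                            "../outside.txt", "/tmp/abs.txt", "-" };
    size_t i;

    for (i = 0; i < sizeof names / sizeof names[0]; i++)
        printf("%-16s %s\n", names[i],
               safe_local_name(names[i]) ? "accept" : "refuse");
    return 0;
}
```
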