Bugtraq mailing list archives
Re: Pro/wuFTPD DoS
From: chris () CYBERNET CO NZ (Chris Wedgwood)
Date: Sun, 21 Feb 1999 11:01:07 +1300
On Fri, Feb 19, 1999 at 07:56:59PM +0500, CyberPsychotic wrote:
I think I will probably write it again, since I don't I have it saved somewhere. There's nothing fascinating actually. This seem to be a heap buffer overflow, which smashes pointers to the dirnames (thus you could probably get access to files outsite chrooted envinronment):
Could someone please clue me in on how this might be so, assuming *ftpd correctly chroot's itself then relinquishes permissions? -cw
Current thread:
- Re: Pro/wuFTPD DoS Ultor (Feb 13)
- <Possible follow-ups>
- Re: Pro/wuFTPD DoS ga (Feb 15)
- Re: Pro/wuFTPD DoS CyberPsychotic (Feb 17)
- Re: Pro/wuFTPD DoS CyberPsychotic (Feb 19)
- Re: Pro/wuFTPD DoS Chris Wedgwood (Feb 20)
- Process table attack (from RISKS Digest) Mark Boolootian (Feb 20)
- LSOF exploit c0nd0r (Feb 21)
- Re: Process table attack (from RISKS Digest) Olle Segerdahl,D (Feb 22)
- Re: Process table attack (from RISKS Digest) Jan B. Koum (Feb 22)
- ANNOUNCE: Net::RawIP 0.06 has been released Sergey V. Kolychev (Feb 22)
- Summary: Copyright on Security advisories Aviram Jenik (Feb 22)
- Re: Process table attack (from RISKS Digest) Dug Song (Feb 22)
- NetBus client 1.x overflow Daniel Rosowski (Feb 22)
- Re: Process table attack (from RISKS Digest) James Lockwood (Feb 22)
- Re: Process table attack (from RISKS Digest) Dirk Moerenhout (Feb 22)
- Re: Pro/wuFTPD DoS Chris Wedgwood (Feb 20)