Bugtraq mailing list archives
Re: WUftp scanner
From: lundberg+wuftpd () VR NET (Gregory A Lundberg)
Date: Thu, 25 Mar 1999 22:25:39 -0500
On Wed, 24 Mar 1999 baku () EXCITE COM wrote:
if (strstr (buf, "Version wu-2.4.2-academ[BETA-18](1)"))
No. Way to strict. You'll miss people who touched ftpcmd.y and recompiled: Version wu-2.4.2-academ[BETA-18](2) And you'll miss earlier versions which are vulnerable, say: Version wu-2.4.2-academ[BETA-12] And you'll miss derivatives which are vulnerable, like one of mine: Version wu-2.4.2-academ[BETA-18-VR6]
{ if (strstr (buf, "Mon Jan 18 19:19:31 EST 1999")) printf ("%s is patched.\n", inet_ntoa (addr));
No. That's the date and time _you_ compiled the daemon. The target machine was probably compiled some other time. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd () vr net Kettering, OH 45409-1615 USA 1-800-809-2195
Current thread:
- WUftp scanner baku () EXCITE COM (Mar 24)
- Re: WUftp scanner Gregory A Lundberg (Mar 25)
- Re: WUftp scanner Scott Stone (Mar 26)