Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: wuftp2.4.2academ beta 12-18 exploit

From: laq () SWIPNET SE (laq () SWIPNET SE)
Date: Wed, 5 May 1999 15:00:32 +0200


Workaround:

wu-ftpd and variants that use files /etc/ftp* for configuration
can easily help protect you against the many recent variants that
exploit buffer overflows with MKDIR.  All the varieties I've
seen require creating a directory or file - that's where the
overflow happens.

In /etc/ftpaccess, you have the option to specify what commands
may and may not be run by particular users.  Just add lines to
specify that user anonymous (or whatever others you want) cannot
put, delete, mkdir, etc.

E.g., lines like these:

chmod           no              anonymous
delete          no              anonymous
overwrite       no              anonymous
rename          no              anonymous
mkdir           no              anonymous
upload          no              anonymous


if you still want to let anonymous users create directories,
take a look at path-filter option for that very same file.

# path-filter...
path-filter  anonymous  /etc/pathmsg  ^[-A-Za-z0-9_\.]*$  ^\.  ^-

when i tried the exploit on myself i got alot of "Permission denied (pathname)",
so at least it seems to work.
Previous By Date Next
Previous By Thread Next

Current thread: