Bugtraq mailing list archives
Re: WU-FTPD
From: hayward () SLOTHMUD ORG (hayward () SLOTHMUD ORG)
Date: Fri, 12 Nov 1999 13:39:35 -0600
Doesn't wu-ftpd use the /home/ftp/etc/passwd file for this information, after doing a chroot during anonymous ftp? In which case, this is more of a configuration issue rather than a wu-ftpd issue? Because it depends on what you put in /home/ftp/etc/passwd.

--
Brian Hayward
http://www.slothmud.org/~hayward/mic_humor.html

On Fri, 12 Nov 1999, Mnemonix wrote:

There's a feature of the WU-FTP daemon (Version 2.4.2 tested as well as earlier versions) (http://www.academ.com/academ/wu-ftpd/) that allows a remote user to work out what flavour of UNIX the ftp server is running on. When using the cd (CWD) command to a user account's home directory (cd ~user) the WU-FTPD will reveal the account's physical path if the account is a built-in standard account such as root or games or uucp etc. For non-standard accounts it claims not to know the user:

    ftp> cd ~mail
    550 /var/spool/mail: No such file or directory.
    ftp> cd ~games
    550 /usr/games: No such file or directory.
    ftp> cd ~root
    550 /root: No such file or directory.
    ftp> cd ~guest
    550 Unknown user name after ~
    ftp> cd ~jsmith
    550 Unknown user name after ~
    ftp> cd ~nobody
    550 /dev/null: No such file or directory.

Knowing what accounts exist on what flavour of UN*X allows a remote user to then say with a high degree of certainty that they're dealing with a specific platform.

Cheers,
David Litchfield
http://www.infowar.co.uk/mnemonix/
Cerberus Information Security
+44(0)181 661 7405
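
Following the reply's point that the outcome depends on what is put in /home/ftp/etc/passwd, here is an added example (not part of either post) that audits an anonymous-FTP chroot passwd file against the system one. It assumes, as the reply suggests, that `~user` is resolved from the chroot's copy; the sample files, function names and the choice of "/" as a neutral home are constructed for illustration.

```python
from collections import namedtuple

Entry = namedtuple("Entry", "name passwd uid gid gecos home shell")
LOCKED = {"*", "x", "!", "!!"}  # placeholders that carry no password hash

# Constructed sample data, not taken from any real host.
SYSTEM_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
games:x:12:100:games:/usr/games:/sbin/nologin
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
ftp:x:14:50:FTP User:/home/ftp:/sbin/nologin
jsmith:x:500:500:J Smith:/home/jsmith:/bin/bash
"""
# Constructed chroot copy: system paths left in place, one hash not blanked.
CHROOT_PASSWD = """\
root:$1$constructed$notarealhash:0:0:root:/root:
games:*:12:100:games:/usr/games:
mail:*:8:12:mail:/:
ftp:*:14:50:FTP User:/:
broken-line-without-fields
"""

def parse_passwd(text):
    """Return ({name: Entry}, [malformed lines]) for passwd(5)-format text."""
    entries, bad = {}, []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7 or not fields[0]:
            bad.append(line)
            continue
        entries[fields[0]] = Entry(*fields)
    return entries, bad

def audit_chroot_passwd(chroot_text, system_text):
    """List (account, issue) pairs for entries that leak host details."""
    chroot, bad = parse_passwd(chroot_text)
    system, _ = parse_passwd(system_text)
    findings = [("<malformed>", line) for line in bad]
    for name, e in sorted(chroot.items()):
        if e.passwd not in LOCKED:
            findings.append((name, "password field is not a locked placeholder"))
        real = system.get(name)
        # A home copied from the host is what a `cd ~name` error would echo back.
        if real and e.home == real.home and e.home != "/":
            findings.append((name, "home %s copied from system passwd" % e.home))
    return findings

if __name__ == "__main__":
    for account, issue in audit_chroot_passwd(CHROOT_PASSWD, SYSTEM_PASSWD):
        print("%-12s %s" % (account, issue))
```
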