Bugtraq mailing list archives

Re: [Linux] glibc 2.1.x / wu-ftpd <=2.5 / BeroFTPD / lynx / vlock / mc / glibc 2.0.x

From: nwarmuth () PRIVAT CIRCULAR DE (Norbert Warmuth)
Date: Mon, 30 Aug 1999 08:11:36 +0200


Michal Zalewski writes:

------------------
mc, ftp:// and $()
------------------

Compromise: remote/local user's privledges

Midnight Commander ftp client has an overflow while reading server
responses - long enough message will result in beautiful overflow. Enjoy.


An off-by-one error, hardly to exploit especially since the value written
is always '\0'.

Also, mc seems to have serious problems with directories containing shell
commands enclosed in $(...) construction. Bad.


What are you talking about? Please send details to What are you talking about? Please send details to mc-bugs () 
nuclecu unam mx.

If you refer to uncompressing gzip'd files this bug was fixed on
18.08.99 (release 4.5.38).

Regards,
Norbert

Current thread:

Re: [Linux] glibc 2.1.x / wu-ftpd <=2.5 / BeroFTPD / lynx / vlock / mc / glibc 2.0.x Norbert Warmuth (Aug 29)
- Re: [Linux] glibc 2.1.x / wu-ftpd <=2.5 / BeroFTPD / lynx / vlock / mc / glibc 2.0.x Norbert Warmuth (Sep 05)
- <Possible follow-ups>
- Re: [Linux] glibc 2.1.x / wu-ftpd <=2.5 / BeroFTPD / lynx / vlock / mc / glibc 2.0.x David Wagner (Sep 01)