Bugtraq mailing list archives
Re: Wu-ftpd 2.6.1(1)
From: Chris Evans <chris () SCARY BEASTS ORG>
Date: Mon, 2 Oct 2000 17:52:13 +0100
On Mon, 2 Oct 2000, Javor Ninov wrote:
somewhere:/$ ftp 127.0.0.1
[...]
230 Guest login ok, access restrictions apply. Remote system type is UNIX. Using binary mode to transfer files. ftp> quote %s%s%s%s 500 'TP?9(NULL)': command not understood. ftp>quote %s%s%s%s%s Segmentation fault somewhere:/$ uname -a Linux somewhere 2.2.12 #1 Sun Sep 19 13:35:59 EEST 1999 i686 unknown somewhere:/$ This is a Slackware 4.0 with last wuftpd.tgz ( 02-oct-2000 )
In the above sequence, I can clearly see "Segmentation fault". Does this not suggest that the ftp _client_ is in fault, not the wuftpd server? A quick test locally, ftp> quote %s%s%s%s%s%s Segmentation fault (core dumped) [chris@blah chris]$ file core core: ELF 32-bit LSB core file of 'ftp' (signal 11), ... So, there is a format string bug in the ftp client. I am currently on a machine with RedHat-6.1, and: ftp-0.15-1 Clearly this needs fixing, if it is not already fixed in a more recent version. Connecting to a wu-ftpd server with raw telnet: [chris@blah chris]$ telnet x.x.x.x ftp Trying x.x.x.x... Connected to x.x.x.x. Escape character is '^]'. 220 x.x.x.x FTP server (Version wu-2.6.0(1) Fri Jun 23 09:22:33 EDT 2000) ready. user ftp 331 Guest login ok, send your complete e-mail address as password. pass chris@ 230 Guest login ok, access restrictions apply. quote %s%s%s%s%s%s%s%s%s%s 500 'QUOTE %s%s%s%s%s%s%s%s%s%s': command not understood. So the server seems to handle this fine. Cheers Chris
Current thread:
- Wu-ftpd 2.6.1(1) Javor Ninov (Oct 02)
- Re: Wu-ftpd 2.6.1(1) Chris Evans (Oct 02)
- <Possible follow-ups>
- Re: Wu-ftpd 2.6.1(1) Chris Evans (Oct 02)