Bugtraq mailing list archives

Re: Wu-ftpd 2.6.1(1)


From: Chris Evans <chris () SCARY BEASTS ORG>
Date: Mon, 2 Oct 2000 17:52:13 +0100

On Mon, 2 Oct 2000, Javor Ninov wrote:

somewhere:/$ ftp 127.0.0.1

[...]

230 Guest login ok, access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> quote %s%s%s%s
500 'TP?9(NULL)': command not understood.
ftp>quote %s%s%s%s%s
Segmentation fault
somewhere:/$ uname -a
Linux somewhere 2.2.12 #1 Sun Sep 19 13:35:59 EEST 1999 i686 unknown
somewhere:/$
This is a Slackware 4.0 with last wuftpd.tgz ( 02-oct-2000 )

In the above sequence, I can clearly see "Segmentation fault".

Does this not suggest that the ftp _client_ is at fault, not the wuftpd
server?

A quick test locally,
ftp> quote %s%s%s%s%s%s
Segmentation fault (core dumped)
[chris@blah chris]$ file core
core: ELF 32-bit LSB core file of 'ftp' (signal 11), ...

So, there is a format string bug in the ftp client. I am currently on a
machine with RedHat-6.1, and:
ftp-0.15-1

Clearly this needs fixing, if it is not already fixed in a more recent
version.

Connecting to a wu-ftpd server with raw telnet:

[chris@blah chris]$ telnet x.x.x.x ftp
Trying x.x.x.x...
Connected to x.x.x.x.
Escape character is '^]'.
220 x.x.x.x FTP server (Version wu-2.6.0(1) Fri Jun 23 09:22:33 EDT 2000) ready.
user ftp
331 Guest login ok, send your complete e-mail address as password.
pass chris@
230 Guest login ok, access restrictions apply.
quote %s%s%s%s%s%s%s%s%s%s
500 'QUOTE %s%s%s%s%s%s%s%s%s%s': command not understood.


So the server seems to handle this fine.

Cheers
Chris
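
The client-side crash in the message above fits the pattern where user-typed text reaches a printf-style function as the format string. The following is an added example, not part of the original post and not the ftp client's source; `send_command`, `quote_unsafe` and `quote_safe` are hypothetical names, and the sample inputs are constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a client routine that formats a protocol
 * command into a buffer before sending it. Declaring it with
 * __attribute__((format(printf, 3, 4))) lets gcc/clang flag the unsafe
 * caller below when built with -Wformat -Wformat-security. */
static int send_command(char *out, size_t outlen, const char *fmt, ...)
{
    va_list ap;
    int n;

    va_start(ap, fmt);
    n = vsnprintf(out, outlen, fmt, ap);
    va_end(ap);
    return n;
}

/* Unsafe pattern: the user's line IS the format string. Every conversion
 * such as %s makes vsnprintf fetch an argument that was never passed,
 * which is undefined behaviour and typically ends in a segfault. */
int quote_unsafe(char *out, size_t outlen, const char *user_line)
{
    return send_command(out, outlen, user_line);
}

/* Hardened pattern: constant format string, user text is only data. */
int quote_safe(char *out, size_t outlen, const char *user_line)
{
    return send_command(out, outlen, "%s\r\n", user_line);
}

int main(void)
{
    char buf[64];

    /* Constructed inputs. "100%%" is well defined even on the unsafe
     * path ("%%" consumes no argument) but shows the text being
     * interpreted: the client would send "100%" instead. */
    quote_unsafe(buf, sizeof buf, "100%%");
    printf("unsafe: [%s]\n", buf);

    /* The safe path passes the specifiers through untouched, as the
     * server's "500 'QUOTE %s%s...'" reply does. */
    quote_safe(buf, sizeof buf, "%s%s%s%s%s");
    printf("safe:   [%s]", buf);
    return 0;
}
```

The unsafe function is deliberately never called here with `%s` input, since that call has undefined behaviour.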

