Bugtraq mailing list archives
RE: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability
From: "Sandor W. Sklar" <ssklar () stanford edu>
Date: Thu, 29 Nov 2001 10:27:47 -0800
just to help complete the list of "ok"/"not ok" systems, neither the AIX 4.3.3-ML08 ftpd daemon nor the Mac OS X 10.1.1/Darwin 5.1 ftpd daemon appear to be vulnerable. At 5:46 PM +0100 11/29/01, Junius, Martin wrote:
I just did some tests with RedHat 7.2, glibc-2.2.4-19, and ftpd-BSD-0.3.2. "ls ~{" makes the ftpd process die in glibc´s glob(pattern="~{", ...) function with a SEGV. Beside that ftpd-BSD uses globfree() to release the memory. So as long as glibc's glob() is safe, ftpd-BSD *should* be safe against this exploit. On RedHat 6.2, glibc-2.1.3-22, "ls ~{" simply returns "No such file or directory". Martin
-- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Sandor W. Sklar - Unix Systems Administrator - Stanford University ITSS Non impediti ratione cogitationis. <http://whippet.stanford.edu/~ssklar/> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Current thread:
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability, (continued)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Andre Oppermann (Nov 28)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability David Brownlee (Nov 29)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Rick Kelly (Nov 30)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Todd C. Miller (Nov 28)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability GiulioMaria Fontana (Nov 29)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Flavio Veloso (Nov 29)
- RE: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Craig Leikis (Nov 29)
- RE: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Sandor W. Sklar (Nov 29)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Fred Mobach (Nov 30)