Bugtraq mailing list archives
Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability
From: Flavio Veloso <flaviovs () magnux com>
Date: Thu, 29 Nov 2001 09:32:33 -0200 (BRST)
On Wed, 28 Nov 2001, script0r wrote:
Subject: Wu-Ftpd File Globbing Heap Corruption Vulnerability
(...)
I am running the a linux port of the bsd ftpd and it might be vulnerable to a similar attack, ftp localhost Connected to localhost. 220 playlandFTP server (Version 6.5/OpenBSD, linux port 0.3.3) ready. Name (localhost:user): ftp 331 Guest login ok, type your name as password. Password: 230 Guest login ok, access restrictions apply. Remote system type is UNIX. Using binary mode to transfer files. ftp> ls ~{ 200 PORT command successful. 421 Service not available, remote server has closed connection in inetd I find an error stating that the ftpd process has died unexpectedly Nov 28 14:21:28 playland inetd[82]: pid 16341: exit signal 11
This may not be related to the wu-ftpd bug. I was just experiencing the same problem here, but further investigation showed up that it was due a bug in the glibc implementation of glob(3) (not exploitable, AFAICT). See http://sources.redhat.com/ml/bug-glibc/2001-11/msg00109.html for details. -- Flávio
Current thread:
- *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Dave Ahmad (Nov 28)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability script0r (Nov 28)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Andre Oppermann (Nov 28)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability David Brownlee (Nov 29)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Rick Kelly (Nov 30)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability script0r (Nov 28)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Todd C. Miller (Nov 28)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability GiulioMaria Fontana (Nov 29)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Flavio Veloso (Nov 29)
- <Possible follow-ups>
- RE: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Junius, Martin (Nov 29)
- RE: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Craig Leikis (Nov 29)
- RE: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Sandor W. Sklar (Nov 29)
- Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability Fred Mobach (Nov 30)