Vulnerability Development mailing list archives
[Ftp client , Format strings and SEGFAULTS]
From: KF <dotslash () snosoft com>
Date: Wed, 05 Dec 2001 12:51:22 -0500
These issues have been pointed out a number of times in the past... no one has done anything about them. I think the last time this thread was started up for the 20th time was about when the wu 2.6.1 site exec issue came out... a number of people noticed the problem while testing their own servers. Theses isues are present in a number of linux ftp clients ... also in the windows NT ftp.exe Theoretically a server could construct a malicious response to a site quote command and maybe take control of the client... The issues with ls are new obviously but it doesn't seem to me that vendors are hard pressed on fixing client side ftp client issues. -KF U dong-houn wrote:
Have ever experienced such work before me. At that time, as well as Proftpd, by format string limitation that is found in wu-ftpd and so on, was mistaking. It is that is client limitation that was stupid justly. Format string bug happens in ftp client by source. Can see this now. bash-2.04$ ftp 127.0.0.1 Connected to 127.0.0.1. ... Name (127.0.0.1:x82): x82 331 Password required for x82. Password: 230 User x82 logged in. Remote system type is UNIX. Using binary mode to transfer files. ... ftp> site AAAA%x%x%x%x%x%x%x%x%x%x 500 'SITE AAAA806C1A527FA805164828057650BFFFE9C4BFFFC190455449534141412025782541' not understood. ftp> quote AAAA%x%x%x%x%x%x%x%x%x%x 500 AAAA806C1A627FF805164828057650BFFFE9C4BFFFC190414141417825782578257825 not understood. ftp> site AAAA%x%x%x%x%x%x%x%x%n Segmentation fault (core dumped) bash-2.04$ Stupid ftp client program may have to be re-formed. Desire there is no mistake ... If use a debugging tool, can see that have been expired in client. -- by Xpl017Elz P.S: Always so ... Sorry. I gave up original English. Study English since next time. So, make understood other people. Thank you for reading unwise writing. ^-^* -- Powered by Outblaze
Current thread:
- [Ftp client , Format strings and SEGFAULTS] KF (Dec 05)
- Re: [Ftp client , Format strings and SEGFAULTS] Michal Zalewski (Dec 05)
- Re: [Ftp client , Format strings and SEGFAULTS] KF (Dec 05)
- Re: [Ftp client , Format strings and SEGFAULTS] Michal Zalewski (Dec 05)