[242] in Best-of-Security


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

BoS: SunOS 4.1.4 ftp serious bug

daemon@ATHENA.MIT.EDU (Homer W. Smith)
Tue Jun 17 02:44:37 1997

Date: 	Sun, 15 Jun 1997 09:46:41 -0400
Reply-To: "Homer W. Smith" <homer@LIGHTLINK.COM>
From: "Homer W. Smith" <homer@LIGHTLINK.COM>
In-Reply-To:  <19970614223803.43292@acm.cs.umr.edu>
Errors-To: best-of-security-request@suburbia.net
To: best-of-security@suburbia.net
Resent-From: best-of-security@suburbia.net

    This may be old hat, but it has bitten me again recently and
I am surprised this bug is allowed to live.

    Running SunOS 4.1.4

    ftp from SunOS machine A to any other machine B.

    cd remote directory

    lcd to any random directory NOT the directory that contains
the file you wish to upload.

    put /absolute/path/to/file

    This will *ERASE* the file on machine A!

    Homer

------------------------------------------------------------------------
Homer Wilson Smith     News, Web, Telnet      Art Matrix - Lightlink
(607) 277-0959         E-mail, FTP, Shell     Internet Access, Ithaca NY
homer@lightlink.com    info@lightlink.com     http://www.lightlink.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[242] in Best-of-Security

BoS: SunOS 4.1.4 ftp serious bug

daemon@ATHENA.MIT.EDU (Homer W. Smith)Tue Jun 17 02:44:37 1997

daemon@ATHENA.MIT.EDU (Homer W. Smith)
Tue Jun 17 02:44:37 1997