[10453] in bugtraq
Re: wuftp2.4.2academ beta 12-18 exploit
daemon@ATHENA.MIT.EDU (Mariusz Marcinkiewicz)
Thu May 6 16:13:02 1999
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.10.9905050753480.14452-100000@mail.zigzag.pl>
Date: Wed, 5 May 1999 08:12:55 +0000
Reply-To: Mariusz Marcinkiewicz <tmogg@ZIGZAG.PL>
From: Mariusz Marcinkiewicz <tmogg@ZIGZAG.PL>
X-To: Gregory Newby <gbnewby@ILS.UNC.EDU>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.GSO.4.10.9905032005460.2394-100000@ruby.ils.unc.edu>
On Mon, 3 May 1999, Gregory Newby wrote:
> wu-ftpd and variants that use files /etc/ftp* for configuration
> can easily help protect you against the many recent variants that
> exploit buffer overflows with MKDIR. All the varieties I've
> seen require creating a directory or file - that's where the
> overflow happens.
khmm, and what about local users? they can get root still
and more: I don't need +w access on ftp, if I create dirs
in $home and telnet 0 21 I can get root by simple RMD
ok, that's better protection then patches (all I've seen didn't work) but
you have bug still, not remote but bug always...
if you wanna be secure you have to install new ftpd
greetz
--
tmogg@hert.org
