[10493] in bugtraq
Re: wu-ftpd exploit fix
daemon@ATHENA.MIT.EDU (Jordan Ritter)
Sat May 8 18:08:41 1999
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.05.9905071433280.9190-100000@demerol.darkridge.com>
Date: Fri, 7 May 1999 14:44:10 -0400
Reply-To: Jordan Ritter <jpr5@DARKRIDGE.COM>
From: Jordan Ritter <jpr5@DARKRIDGE.COM>
X-To: Adam Maloney <adam@IEXPOSURE.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <3731EB54.4E800114@iexposure.com>

On Thu, 6 May 1999, Adam Maloney wrote:

> We evaluated the source to the exploit, and made some changes to
> realpath.c (found in the /src directory of the wu-ftpd tarball)

hate to tell you this, but these things have already been fixed, and by
several in parallel. latest vr series ftpd, with redhat's changes merged
in:

ftp://ftp.vr.net/pub/wu-ftpd/wu-ftpd-2.4.2-vr17.tar.gz

> Interestingly enough, from the code that we saw, there was already
> code in the source to handle buffer overflows, but it wasn't
> implemented for all of the functions.

not to mention path-filter

Jordan Ritter
Network Security Engineer
Netect/Bindview Corp Boston, MA

"Quis custodiet ipsos custodes?"