[13072] in bugtraq


Re: ftp conversions exploit

daemon@ATHENA.MIT.EDU (David Malone)
Thu Dec 23 13:30:06 1999

Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id:  <19991222200112.A30322@walton.maths.tcd.ie>
Date:         Wed, 22 Dec 1999 20:01:12 +0000
Reply-To: dwmalone@MATHS.TCD.IE
From: David Malone <dwmalone@MATHS.TCD.IE>
X-To:         Desi Hacker <desihacker@HOTMAIL.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <19991222044725.77471.qmail@hotmail.com>

On Wed, Dec 22, 1999 at 04:47:25AM +0000, Desi Hacker wrote:

> during the exploiting process.. the final step as instructed by the author
> doesn't work
>
> ftp> get "--use-compress-program=sh blah".tar
> or
> ftp> get "--use-compress-program=sh blah".tar
>
> instead it gives a warning of permission denied!
> in case of anon ftp logging

The ftpaccess man page contains the following example line:

	path-filter anonymous /etc/pathmsg ^[-A-Za-z0-9._]*$ ^\. ^-

which disallows filenames starting with . or - to anonymous users.
Maybe your ftpaccess line contains this?

	David.
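
Added example, not part of the original message or of wu-ftpd: a small Python check of filenames against the path-filter line quoted above. It assumes the semantics the message describes (a name must match the first pattern and must not match any later one, for the listed user types only) and uses Python's re module as a stand-in for the server's regex engine; the sample names other than the one from the quoted ftp session are constructed.

```python
import re

# The example line quoted from the ftpaccess man page in the message above.
FTPACCESS_LINE = r"path-filter anonymous /etc/pathmsg ^[-A-Za-z0-9._]*$ ^\. ^-"


def parse_path_filter(line):
    """Split a path-filter line into its whitespace-separated fields."""
    fields = line.split()
    if len(fields) < 4 or fields[0] != "path-filter":
        raise ValueError("not a path-filter line: %r" % line)
    return {
        "types": fields[1].split(","),       # user types the filter applies to
        "message_file": fields[2],           # shown to the user on rejection
        "allowed": re.compile(fields[3]),    # name must match this
        "disallowed": [re.compile(p) for p in fields[4:]],  # and none of these
    }


def check_filename(rule, user_type, name):
    """Return (accepted, reason) for one filename and one user type."""
    if user_type not in rule["types"]:
        return True, "filter does not apply to this user type"
    if not rule["allowed"].search(name):
        return False, "fails allowed pattern " + rule["allowed"].pattern
    for pat in rule["disallowed"]:
        if pat.search(name):
            return False, "matches disallowed pattern " + pat.pattern
    return True, "accepted"


RULE = parse_path_filter(FTPACCESS_LINE)

# Constructed sample names, plus the name from the quoted ftp session (last).
SAMPLES = ["report-1999.tar", ".rhosts", "-rf",
           "--use-compress-program=sh blah.tar"]

if __name__ == "__main__":
    for name in SAMPLES:
        for user_type in ("anonymous", "real"):
            ok, reason = check_filename(RULE, user_type, name)
            verdict = "OK" if ok else "DENY"
            print("%-10s %-38r %s (%s)" % (user_type, name, verdict, reason))
```

The name from the quoted session is already rejected by the allowed pattern, because "=" and the space are outside the permitted character set, before the ^- rule is consulted.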
