[18882] in bugtraq
Re: ntop -i local exploit
daemon@ATHENA.MIT.EDU (Bill Fumerola)
Tue Jan 30 18:12:11 2001
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Message-Id: <20010129154052.T57121@elvis.mu.org>
Date: Mon, 29 Jan 2001 15:40:52 -0600
Reply-To: Bill Fumerola <billf@MU.ORG>
From: Bill Fumerola <billf@MU.ORG>
X-To: Paul Starzetz <paul@STARZETZ.DE>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <3A755A02.D20F1EAA@starzetz.de>; from paul@STARZETZ.DE on Mon,
Jan 29, 2001 at 12:54:42PM +0100
On Mon, Jan 29, 2001 at 12:54:42PM +0100, Paul Starzetz wrote:
> 1. Abstract
> -----------
>
> There are various format string bugs in the ntop package as mentioned in
> former Bugtraq articles. This is _not_ a new problem. However, in
> opposite to the '-w' option bug, an exploit for the existent '-i' option
> format string bug has never been posted/released.
It's worth noting that FreeBSD doesn't[1] install this suid/sgid so this
exploit isn't a problem if ntop was installed from ports/packages.
--
Bill Fumerola / billf@FreeBSD.org
1. as of rev 1.13 of ports/net/ntop/Makefile (Sun Aug 13 06:32:58 2000 UTC)
