[19547] in bugtraq
Re: your mail
daemon@ATHENA.MIT.EDU (Przemyslaw Frasunek)
Wed Mar 7 21:48:04 2001
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Message-ID: <20010307221747.A899@riget.scene.pl>
Date: Wed, 7 Mar 2001 22:17:47 +0100
Reply-To: Przemyslaw Frasunek <venglin@FREEBSD.LUBLIN.PL>
From: Przemyslaw Frasunek <venglin@FREEBSD.LUBLIN.PL>
X-To: Nomen Nescio <nobody@DIZUM.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <e01141c29072cd2bc40439162ba87800@dizum.com>; from
nobody@DIZUM.COM on Wed, Mar 07, 2001 at 04:40:05AM +0100
On Wed, Mar 07, 2001 at 04:40:05AM +0100, Nomen Nescio wrote:
> this is an exploit for wu-ftpd 2.6.1(1) on linux
> propz to segv for giving this to me
This is an old wuftpd 2.6.0 SITE EXEC exploit. 2.6.1 is not vulnerable
to this attack.
> strcpy (cmdbuf, "SITE EXEC ");
> for (ret = 0; ret <= 88; ret++)
> {
> strcat (cmdbuf, "%x");
> }
--
* Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE *
* Inet: przemyslaw@frasunek.com ** PGP: D48684904685DF43EA93AFA13BE170BF *
