[23566] in bugtraq
Re: ProFTPD - Problems in file globbing, gives segmentation fault.
daemon@ATHENA.MIT.EDU (Przemyslaw Frasunek)
Wed Dec 19 19:15:30 2001
Message-Id: <200112191947.fBJJlAk16519@mailhost.freebsd.lublin.pl>
Content-Type: text/plain;
charset="iso-8859-2"
From: Przemyslaw Frasunek <venglin@freebsd.lublin.pl>
To: "Mattias _" <surre1@hotmail.com>
Date: Wed, 19 Dec 2001 20:47:10 +0100
In-Reply-To: <F123FJMf8Tm3v640Za0000006ea@hotmail.com>
Cc: bugtraq@securityfocus.com
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
On Wednesday 19 December 2001 14:22, you wrote:
> The ftpd-child dies with signal 11 (SEGV), but the server stays up.
> The question is if it’s possible to do something nasty with this!?
I've played about 2 hours with it. Looks like, there is no way to modify
pointer passed to free(), it always points to beginning of 'Out of memory'
string.
--
* Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE *
* Inet: przemyslaw@frasunek.com ** PGP: D48684904685DF43EA93AFA13BE170BF *
