Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: *ALERT* BID 3581: Wu-Ftpd File Globbing Heap Corruption Vulnerability
From: Fyodor <fygrave () tigerteam net>
Date: Fri, 30 Nov 2001 00:40:51 +0700

On Wed, Nov 28, 2001 at 08:15:33PM -0500, Brad wrote:
OpenBSD's ftpd exhibits the same behavior, 2.9-stable, 3.0-stable and
-current.


Due to OpenBSD specific malloc implementation (they keep allocated pageinfo
structs separately from allocated chunks, which could be affected
externally) this bug doesn't seem to be exploitable on OpenBSD though.

(wish it could be;-))

-F
-- 
http://www.notlsd.net
PGP fingerprint = 56DD 1511 DDDA 56D7 99C7  B288 5CE5 A713 0969 A4D1


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]