mailing list archives
Re: cftp 0.12 (readrc) Local buffer overflow vulnerability
From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Tue, 20 Mar 2007 17:23:10 +0300
A very effective way for user to exploit himself. How can you elevate
your privileges this way? Is cftp suid?
--Tuesday, March 20, 2007, 12:52:13 AM, you wrote to full-disclosure () lists grok org uk:
s> CFTP is Comfortable FTP, a full screen ftp client.
s> Proof of concept:
s> $ export HOME=`perl -e "print 'A'x8200"`
s> $ cftp
s> Segmentation fault
Неприятности начнутся в восемь. (Твен)
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/