Bugtraq mailing list archives

Logdaemon ftpd and setproctitle()

From: wietse () PORCUPINE ORG (Wietse Venema)
Date: Mon, 10 Jul 2000 16:53:25 -0400


-----BEGIN PGP SIGNED MESSAGE-----

Just in case someone uses the ftpd from my logdaemon utilities,
that code does not enable the setproctitle feature so it is not
vulnerable to setproctitle attack.

        Wietse

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBOWo3cNyA8qbVMny5AQFg2wP+JiD20F8qJT2ge/Yem9cyPAsdXtOb8pIl
CMNsu0vR9whdU+Agg++J3XYbGopGzXdF4qwLRs811HSSHXy5xFuUSZO5EOkcMMz2
E7K/202b9IXM/hbHA5Gt8kOP+ddww7Cgqf2TPtNrwlEsorTvxynMBEYuJ5BKCXZq
SLZ2fftk1PI=
=vj2o
-----END PGP SIGNATURE-----

Current thread:

Pollit CGI-script opens doors! The Warlock (Jul 11)
- Logdaemon ftpd and setproctitle() Wietse Venema (Jul 10)
- Re: Pollit CGI-script opens doors! jerry (Jul 11)
- REMOTE EXPLOIT IN ALL CURRENT VERSIONS OF BIG BROTHER Eric Hines (Jul 11)
  - Re: REMOTE EXPLOIT IN ALL CURRENT VERSIONS OF BIG BROTHER Andrew L . Davis (Jul 11)
  - Updated - Microsoft Security Bulletin (MS00-041) Microsoft Product Security (Jul 12)
  - Netscape SmartDownload reports file information to AOL John L. Morello (Jul 12)
  - RSA Aceserver UDP Flood Vulnerability Gwendolynn ferch Elydyr (Jul 12)
  - ftp.pl vulnerability zillion @ safemode (Jul 12)
  - ISC DHCP client v2 hole fixed...or not? Pavel Kankovsky (Jul 12)
  - cvsweb: remote shell for cvs committers Joey Hess (Jul 12)
  - FreeBSD Security Advisory: FreeBSD-SA-00:33.kerberosIV FreeBSD Security Advisories (Jul 12)

(Thread continues...)