Bugtraq mailing list archives
Re: ftpd: the advisory version
From: kb8rln () PENGUINMASTER COM (Richard Rager)
Date: Tue, 11 Jul 2000 11:47:49 -0600
On Mon, 10 Jul 2000, D. J. Bernstein wrote:
1. Surely there are other people still wondering about proftpd. Can an attacker take over proftpd 1.2.0pre10? CERT seems to say yes, but the maintainer says ``relatively minor.'' What's the deal?
Yes I have had someone get a shell account on my box with proftpd 1.2.0pre10. I was able to keep him out for a little more with time with kernel 2.2.16 until the code changed. This is in the wild!
2. I agree that setproctitle() is rather pointless. My comments were about all functions with printf()-type format strings. Typical strings should fail as format strings.
Yes I was running proftpd in stand alone mode. The proftpd dies in some of these attacts. It was running as user ftp. Enjoy, Richard
Current thread:
- Conclusion to recent working WuFTPD Exploits, (continued)
- Conclusion to recent working WuFTPD Exploits Eric Hines (Jul 05)
- Re: ftpd: the advisory version Carson Gaspar (Jun 30)
- Re: ftpd: the advisory version Mike Gleason (Jul 02)
- [RHSA-2000:016-03] Multiple local imwheel vulnerabilities bugzilla () REDHAT COM (Jul 03)
- Re: ftpd: the advisory version monti (Jul 05)
- Re: ftpd: the advisory version D. J. Bernstein (Jul 06)
- Re: ftpd: the advisory version monti (Jul 07)
- Re: ftpd: the advisory version Mikael Olsson (Jul 07)
- Re: ftpd: the advisory version David Maxwell (Jul 07)
- Re: ftpd: the advisory version D. J. Bernstein (Jul 10)
- Re: ftpd: the advisory version Richard Rager (Jul 11)
- Infosec.20000712.worldclient.2.1 Rikard Carlsson (Jul 12)
- ANNOUNCE Apache::ASP v1.95 - Security Hole Fixed J C (Jul 10)
- Novell Border Manger - Anyone can pose as an authenticated user Coward, Anonymous (Jul 07)