Bugtraq mailing list archives
Re: Update: Extending the FTP "ALG" vulnerability to any FTP client
From: avalon () COOMBS ANU EDU AU (Darren Reed)
Date: Wed, 15 Mar 2000 22:42:39 +1100
In some mail from Mikael Olsson, sie said:
> > > Workarounds to this specific vulnerability
> > > --------------------------------------------
> > > * Disable active FTP. Errrr, wait. The fix for the server side
> > >   vulnerability was to disable passive FTP.
> >
> > Which specific vulnerability was this ? And was it a vulnerability or
> > a DoS problem ?
>
> It was the "Multiple firewalls FTP server "PASV" vulnerability" mentioned
> in my reference list. Basically does the same thing - letting people
> connect to any port - but on FTP servers instead.
> The official "fix" was "disable passive FTP".
> Well, since the "fix" for this is "disable active FTP".. ... :-)

Ah, right. This is a different problem and can be fixed to remove the vulnerability that exists. This particular problem exists only because of people taking shortcuts to implement ftp proxies by just looking at packets (personally, I'm one of them and I hate it, and much prefer people to use ftp-gw).

So the upshot of this is with FW-1, you're screwed until you get the relevant fixes in place for ftp. With any proxy based solution, you should only allow passive FTP.

Darren
