Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

/Claimed/ remote root exploit in Pureftpd

From: Devdas Bhagat <dvb () users sourceforge net>
Date: Sat, 14 Jun 2003 01:55:01 +0530
This is someone I know in IRC, and usually does not claim random stuff.
I have no further information other than this claim currently, but a
code audit might be in order.

[ I have not found a security contact on the pureftpd.org page, except
for their mailing list, so am sending it there ].

IRC log follows:

<dilema> Linux/x86 PureFTPD remote exploit.
<dilema> phj34r m3
<Krisp-ET> remote root, huh?
<Krisp-ET> ouch
<dilema> sad this i already owned myself
<Krisp-ET> lol
<dilema> PureFTPD (1.x.x) linux/x86 remote ROOT exploit.
<dilema>
!PRIVATE!***!PRIVATE!***!PRIVATE!***!PRIVATE!***!PRIVATE!***!PRIVATE!***!PRIVATE!
<dilema> MUHAHAHAHA
<dilema> i suggest you all switch to Pro for the time being
<f3ew|sleep> wtf?
<f3ew|sleep> where has it been announced?
<dilema> lmao it's an 0-day fizewl
<f3ew|sleep> wow
<dilema> maybe i'll maek it public if i feel like a nice guy
<dilema> Linux/x86 PureFTPD remote exploit.
<dilema> usage: ./pure [options]
<dilema>         -c      remote host to connect to
<dilema>         -o      remote port to use
<dilema>         -u      remote username
<dilema>         -p      remote password
<dilema>         -i      get the password interactively
<dilema>         -t      predefined target ("-t list" to list all
targets)
<dilema>         -d      writeable directory
<dilema>         -l      shellcode address
<dilema>         -v      debug level [0-2]
<dilema>         -s      seconds to sleep after login (debugging
purposes)
<dilema>         -h      display this help
<dilema> actually
<dilema> i have tons of sploits
<dilema> i'll throw some on http when i sort through them and make sure
not to step on any ones toes by doing so
<f3ew|sleep> send the exploit to the pureftpd maintainer
<dilema> i'll play with it for a few days. I'm just pissed cause i
really like pure and i don't feel like setting up pro
<dilema> which is one reason why i am hesitant to give it out

[ Exploit claimed to be zero day and in the wild, so I am sending an
announcement here as a heads up, hopefuly we can get a quick fix ].

Devdas Bhagat
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: