Bug#4331: linux-security] [linux-alert] SECURITY FIX/UPDATE: anonftp (fwd)

To: lists@lina.inka.de (Bernd Eckenfels)
Cc: sopwith@redhat.com, 4331@bugs.debian.org
Subject: Bug#4331: linux-security] [linux-alert] SECURITY FIX/UPDATE: anonftp (fwd)
From: Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>
Date: Fri, 30 Aug 1996 00:54:44 +0200 (MET DST)
Message-id: <[🔎] 199608292254.AAA13464@i17linuxb.ists.pwr.wroc.pl>
Reply-to: Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>, 4331@bugs.debian.org
In-reply-to: <[🔎] m0uw7XE-0004kIC@lina> from "Bernd Eckenfels" at Aug 29, 96 03:53:26 pm

> AFAIK it is along the line wit 
> 
> "site exec tar cvzf -rsh-command blafasel host:tar.tgz"

Probably something else - I don't believe Red Hat would have that
nice old _PATH_EXECPATH bug for so long :-).  It might be related
to the feature that wu-ftpd can send you a tar of a directory if
you do "get directory.tar".  Still I'm not sure how it could be
exploited though.  Elliot?

Marek

Reply to:

References:
- Bug#4331: linux-security] [linux-alert] SECURITY FIX/UPDATE: anonftp (fwd)
  - From: lists@lina.inka.de (Bernd Eckenfels)

Prev by Date: Bug#4341: no man page
Next by Date: Re: Bug#4164: Ferret extended description has blank lines
Previous by thread: Bug#4331: linux-security] [linux-alert] SECURITY FIX/UPDATE: anonftp (fwd)
Next by thread: Bug#4332: Vulnerability in the Xt library (fwd)
Index(es):
- Date
- Thread