[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[Matt Crawford <crawdad@fnal.gov>] glob vulnerability? vulnerability in krb5-ftpd



I hope to have either a statement we are not vulnerable or an upload
in incoming by next dinstall run.

Note that krb5-ftpd is not in potato so this is just an FYI for those using   unstable/testing.

------- Start of forwarded message -------
Date: Thu, 29 Nov 2001 16:05:59 -0600
From: Matt Crawford <crawdad@fnal.gov>
Subject: glob vulnerability?
To: krbdev@mit.edu
Message-id: <200111292205.fATM5xl11952@gungnir.fnal.gov>

I suppose you're aware that yet another file globbing vulnerability
has been found in wu-ftpd and exploits are out there.  Looking over
the patch at
ftp://ftp.wu-ftpd.org/pub/wu-ftpd/quickfixes/apply-to-2.6.1/ftpglob.patch
the ftpcmd.y part seems to have diverged greatly from MIT's gssftp,
but glob.c seems to still be similar enough for it to be very likely
the same vulnerability exists.  And in fact if I connect, log in, and
type "ls ~[", ftpd will segfault.

			Matt Crawford

------- End of forwarded message -------



Reply to: