From owner-freebsd-security Sun Jun 8 09:21:55 1997
Return-Path:
Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id JAA19444 for security-outgoing; Sun, 8 Jun 1997 09:21:55 -0700 (PDT)
Received: from yoss.canweb.net (root@yoss.canweb.net [207.139.235.8]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id JAA19435 for ; Sun, 8 Jun 1997 09:21:53 -0700 (PDT)
Received: from localhost (yossman@localhost) by yoss.canweb.net (8.8.5/8.8.5) with SMTP id MAA09225 for ; Sun, 8 Jun 1997 12:17:07 -0400 (EDT)
Date: Sun, 8 Jun 1997 12:17:06 -0400 (EDT)
From: yossman
To: security@freebsd.org
Subject: ftpd security weakness on FreeBSD (fwd)
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

one of my users sent me this. just wondering if anyone has heard about
this before. he claims freebsd.org is affected.

yossman

------------------------------------------------------------------------
Yossarian Holmberg (yossman)                          yossman@canweb.net
System Administrator, National Online    http://www.canweb.net/~yossman/
my statements are my own, not my employer's -- i do not speak for them.

'... and if i die, before i learn to speak .. can money pay for all the
days i've lived awake but half asleep?'
 -- Primitive Radio Gods, "Standing Outside a Broken Phone Booth With
    Money In My Hand"

---------- Forwarded message ----------
Date: Sun, 1 Jun 1997 22:14:03 +1000
To: yossman@canweb.net
Subject: ftpd security weakness on FreeBSD

Yoss,

FreeBSD's ftpd has a bug (although I don't know if it's a feature of FTP
protocol or not (maybe newer RFCs discuss it)). It's possible to
semi-hijack the ftpd into doing portscans to arbitrary hosts/ports.

A good replacement would be wu-ftp 2.4.2 beta 11 or later.
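
The forwarded report reads like the behaviour usually called "FTP bounce", where the server opens its data connection to whatever address and port the client's PORT command names (RFC 959). The C sketch below is an added example, not part of the original post and not FreeBSD's or wu-ftpd's code: it shows the server-side check that closes this off, accepting a PORT argument only when it points back at the control connection's own peer on a port of 1024 or above. It assumes the PORT mechanism is what the report refers to; the function names, the verdict enum and the sample addresses are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

enum port_verdict { PORT_OK, PORT_MALFORMED, PORT_FOREIGN_HOST, PORT_RESERVED };

/* Parse a PORT argument "h1,h2,h3,h4,p1,p2" (six decimal octets, RFC 959). */
static int parse_port_arg(const char *p, uint32_t *ip, uint16_t *port)
{
    unsigned v[6];
    for (int i = 0; i < 6; i++) {
        unsigned n = 0;
        int digits = 0;
        while (*p >= '0' && *p <= '9' && digits < 3) {
            n = n * 10 + (unsigned)(*p++ - '0');
            digits++;
        }
        if (digits == 0 || n > 255)
            return -1;
        if (*p++ != (i < 5 ? ',' : '\0'))   /* strict separators, no trailing data */
            return -1;
        v[i] = n;
    }
    *ip = ((uint32_t)v[0] << 24) | (v[1] << 16) | (v[2] << 8) | v[3];
    *port = (uint16_t)((v[4] << 8) | v[5]);
    return 0;
}

/* Hypothetical policy hook: ctrl_peer_ip is the control connection's
 * peer address in host byte order. */
enum port_verdict check_port_cmd(const char *arg, uint32_t ctrl_peer_ip)
{
    uint32_t ip;
    uint16_t port;
    if (parse_port_arg(arg, &ip, &port) != 0)
        return PORT_MALFORMED;
    if (ip != ctrl_peer_ip)
        return PORT_FOREIGN_HOST;   /* third-party target: refuse */
    if (port < 1024)
        return PORT_RESERVED;       /* well-known service port: refuse */
    return PORT_OK;
}

int main(void)
{
    const uint32_t client = 0xC000020A;   /* 192.0.2.10, constructed sample peer */
    const char *samples[] = { "192,0,2,10,195,80", "198,51,100,7,0,25",
                              "192,0,2,10,0,25", "192,0,2,10,195" };
    for (int i = 0; i < 4; i++)
        printf("PORT %-20s -> verdict %d\n", samples[i], check_port_cmd(samples[i], client));
    return 0;
}
```

A server applying this check would answer any verdict other than PORT_OK with an error reply and leave the data connection unopened.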