Date: Wed, 23 May 2001 00:35:15 -0400 (EDT) From: Alex <alex@nixfreak.org> To: "Sergey N. Voronkov" <serg@tmn.ru> Cc: Kris Kennaway <kris@obsecurity.org>, <freebsd-security@FreeBSD.ORG> Subject: Re: Is there a ftp vuln in 4.3-STABLE Message-ID: <Pine.BSF.4.32.0105230033440.1300-100000@magnetar.blackhatnetworks.com> In-Reply-To: <20010523100448.A15088@sv.tech.sibitex.tmn.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
> When I'v found this staff in my logfiles I'v change native ftpd to luke's > one. Sorry, can't get core to you... And don't want to setup native daemon > to provide potential hole to someone. > > May 16 15:50:34 ftp /kernel: pid 5272 (ftpd), uid 14: exited on signal 11 > May 17 21:02:20 ftp /kernel: pid 11157 (ftpd), uid 14: exited on signal 11 Who owns UID 14 own that machine? Not root I presume. So the process itself that segmentation faulted wasn't actually executed by root. Is UID 14 an FTP account for running the daemon? -Alex > > Also I have one questtion: how to setup ftpd to allow it dumping core to > specified destination? > > Bye, > > Serg N. Voronkov > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.32.0105230033440.1300-100000>