Date: Tue, 22 May 2001 23:44:04 -0500 (CDT) From: James Wyatt <jwyatt@rwsystems.net> To: Alex <alex@nixfreak.org> Cc: "Sergey N. Voronkov" <serg@tmn.ru>, Kris Kennaway <kris@obsecurity.org>, freebsd-security@FreeBSD.ORG Subject: Re: Is there a ftp vuln in 4.3-STABLE Message-ID: <Pine.BSF.4.10.10105222342130.10964-100000@bsdie.rwsystems.net> In-Reply-To: <Pine.BSF.4.32.0105230033440.1300-100000@magnetar.blackhatnetworks.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Sergey N. Voronkov wrote: > When I'v found this staff in my logfiles I'v change native ftpd to luke's > one. Sorry, can't get core to you... And don't want to setup native daemon > to provide potential hole to someone. > > May 16 15:50:34 ftp /kernel: pid 5272 (ftpd), uid 14: exited on signal 11 > May 17 21:02:20 ftp /kernel: pid 11157 (ftpd), uid 14: exited on signal 11 On Wed, 23 May 2001, Alex replied: > Who owns UID 14 own that machine? Not root I presume. So the > process itself that segmentation faulted wasn't actually executed by root. > Is UID 14 an FTP account for running the daemon? The normal FreeBSD 'ftp' user is uid 14. I'd expect most of the default servers to be running that ID for anonymous file access. - Jy@ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.10105222342130.10964-100000>