Date: Tue, 24 Apr 2001 11:50:22 -0700 From: Kris Kennaway <kris@obsecurity.org> To: Victor Sudakov <sudakov@sibptus.tomsk.ru> Cc: Crist Clark <crist.clark@globalstar.com>, Dag-Erling Smorgrav <des@ofug.org>, freebsd-security@FreeBSD.ORG Subject: Re: Q: Impact of globbing vulnerability in ftpd Message-ID: <20010424115022.F89156@xor.obsecurity.org> In-Reply-To: <20010424100044.B40591@sibptus.tomsk.ru>; from sudakov@sibptus.tomsk.ru on Tue, Apr 24, 2001 at 10:00:44AM %2B0800 References: <20010423111632.B17342@sibptus.tomsk.ru> <xzpitjvgbub.fsf@flood.ping.uio.no> <20010423190737.A25969@sibptus.tomsk.ru> <xzpae57fyzl.fsf@flood.ping.uio.no> <3AE45EAC.18A180EE@globalstar.com> <20010424100044.B40591@sibptus.tomsk.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
--HCdXmnRlPgeNBad2 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Tue, Apr 24, 2001 at 10:00:44AM +0800, Victor Sudakov wrote: > Do you know of any exploits that can run arbitrary code via ftpd > not with the euid of the user (possible anonymous) , but with root privileges? I'm sure they exist. Kris --HCdXmnRlPgeNBad2 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE65crtWry0BWjoQKURAgMZAJ0Q10DKku4ASszj+lAIAhBhJzwyUQCfRz/k EmLi9WYi6NCOvB+QfjaJaPM= =aAen -----END PGP SIGNATURE----- --HCdXmnRlPgeNBad2-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010424115022.F89156>