Date:      Tue, 3 Oct 2000 03:38:15 -0500
From:      Dave McKay <dave@mu.org>
To:        Brett Glass <brett@lariat.org>
Cc:        Kris Kennaway <kris@FreeBSD.org>, Alex Charalabidis <alex@wnm.net>, "Chris D . Faulhaber" <jedgar@fxp.org>, security@FreeBSD.org
Subject:   Re: ftpd bug in FreeBSD through at least 3.4
Message-ID:  <20001003033815.A27544@elvis.mu.org>
In-Reply-To: <4.3.2.7.2.20001002173916.046c16f0@localhost>; from brett@lariat.org on Mon, Oct 02, 2000 at 05:43:10PM -0600
References:  <4.3.2.7.2.20001002125825.00de8f00@localhost> <4.3.2.7.2.20001002123113.049344d0@localhost> <Pine.BSF.4.21.0010021340020.90099-100000@earth.wnm.net> <4.3.2.7.2.20001002125825.00de8f00@localhost> <20001002143917.B22329@freefall.freebsd.org> <4.3.2.7.2.20001002173916.046c16f0@localhost>

Brett,

This bug was a non-issue from the start. Why did you have to drag your results on
to the list?  Wasn't it apparent after Warner said that they no longer support
older releases of FreeBSD due to resource shortness that the thread was pointless?

My second rant is, have you ever noticed WHENEVER you write into the list it's ALWAYS
the longest current thread running within a VERY short time?  Do you think this is
because of your genius in the BSD OS field?  Or perhaps it's due to your keen wits
being always about you when you write in.  Please, and I mean this, DIE.

Brett Glass (brett@lariat.org) wrote:
> At 03:39 PM 10/2/2000, Kris Kennaway wrote:
> 
> >No, I think your client is expanding the %s locally and sending the
> >junk to the server.
> 
> Kris:
> 
> I think you may be right here! The client may also be expanding the
> %s on the way BACK from the server. If this is the case, it is
> more serious because it means that a malicious server might be
> able to take over the client.
> 
> I am checking to see if there are holes in the server, too. So
> far, when I send the same strings to the server using good ol'
> Telnet the server seems to respond pretty much correctly. There
> are still some minor server glitches: Some error messages are sent
> twice instead of once, the command is always changed to all uppercase
> up to the first whitespace and then echoed back with this modification,
> and trailing whitespace at the ends of commands is not ignored. But
> while these things could use fixing, none of them are exploitable.
> 
> --Brett
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message

-- 
Dave McKay
Network Engineer - Google Inc.
dave@mu.org - dave@google.com

