Date: Tue, 25 Nov 1997 09:58:56 +1100 (EST) From: warpy <warpy@suburbia.com.au> To: freebsd-security@freebsd.org Subject: Possible problem with ftpd 6.00 Message-ID: <Pine.BSF.3.96.971125094506.991A-100000@typhoon>
next in thread | raw e-mail | index | archive | help
This morning I noticed something I didn't think should be happening. That being the password being used by an anonymous user logging into ftp showing up in the process list. However this did not happen when I logged in as a normal user. Obviously there isn't much upon first glance that can be done to exploit it (at least I think so), but does it need to occur at all? If this has been discussed before I apologise. --- This is what happened: typhoon:~$ uname -a FreeBSD typhoon 2.2.5-STABLE FreeBSD 2.2.5-STABLE #0: Sun Nov 23 18:09:03 EST 1997 root@typhoon:/usr/src/sys/compile/TYPHOON i386 typhoon:~$ ftp localhost 465 Connected to localhost. 220 typhoon FTP server (Version 6.00) ready. Name (localhost:warpy): ftp 331 Guest login ok, send your email address as password. Password: 230 Guest login ok, access restrictions apply. Remote system type is UNIX. Using binary mode to transfer files. ftp> ^Z [2]+ Stopped ftp localhost typhoon:~$ ps -ax |grep ftpd |grep -v grep 951 ?? IWs 0:00.12 ftpd: localhost: anonymous/ftp@: SYST\r\n (ftpd) typhoon:~$ typhoon:~$ ftp localhost Connected to localhost. 220 typhoon FTP server (Version 6.00) ready. Name (localhost:warpy): 331 Password required for warpy. Password: 230 User warpy logged in. Remote system type is UNIX. Using binary mode to transfer files. ftp> ^Z [1]+ Stopped ftp localhost 465 typhoon:~$ ps -ax |grep ftpd |grep -v grep 951 ?? IWs 0:00.12 ftpd: localhost: warpy: SYST\r\n (ftpd) typhoon:~$ Comments? Warpy +--------------------------------------------------------------------+ | http://www.sekurity.org/~warpy | | Key fingerprint = 02 78 30 F9 0A 73 15 24 A2 E4 B1 A0 F0 42 80 B0 | +--------------------------------------------------------------------+
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.971125094506.991A-100000>