From owner-freebsd-security Mon Oct 2 11:52:23 2000 Delivered-To: freebsd-security@freebsd.org Received: from earth.wnm.net (earth.wnm.net [208.246.240.243]) by hub.freebsd.org (Postfix) with ESMTP id 5269E37B502 for ; Mon, 2 Oct 2000 11:52:20 -0700 (PDT) Received: from localhost (alex@localhost) by earth.wnm.net (8.11.0/8.11.0) with ESMTP id e92IpK692184; Mon, 2 Oct 2000 13:51:20 -0500 (CDT) Date: Mon, 2 Oct 2000 13:51:20 -0500 (CDT) From: Alex Charalabidis To: Brett Glass Cc: "Chris D . Faulhaber" , security@FreeBSD.ORG Subject: Re: ftpd bug in FreeBSD through at least 3.4 In-Reply-To: <4.3.2.7.2.20001002123113.049344d0@localhost> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, 2 Oct 2000, Brett Glass wrote: > At 12:29 PM 10/2/2000, Chris D . Faulhaber wrote: > > >The system's ftp daemon or wu-ftpd? The ftp daemons installed with 3.5.1 > >and 4.1[.1] don't seem affected. > > It DEFINITELY works on FreeBSD's own ftpd in 3.4-RELEASE and all 2.x versions > I have tested. > Yes it does. It was posted to bugtraq as a proftpd bug on 25 Jul 00 by Carlos Eduardo Gorges . I confirmed the bug existed on our 6.00LS too (and promptly forgot :P). As far as I know, there have been no exploits and it's not even a DoS since the parent process is unaffected. The default FreeBSD ftp client crashes before the server process does, so you can only see the problem with a client on a different OS (oddly enough, the MS-DOS 7 client seems to be the only one that creates no problems at all). -ac -- ============================================================== Alex Charalabidis (AC8139) 5050 Poplar Ave, Ste 170 Systems Administrator Memphis, TN 38157 WebNet Memphis (901) 432 6000 Author, The Book of IRC http://www.bookofirc.com/ ============================================================== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message