From owner-freebsd-security Mon Oct 2 11:55: 7 2000
Delivered-To: freebsd-security@freebsd.org
Received: from lariat.org (lariat.org [12.23.109.2])
	by hub.freebsd.org (Postfix) with ESMTP id 6F70D37B66D
	for ; Mon, 2 Oct 2000 11:54:57 -0700 (PDT)
Received: from mustang.lariat.org (IDENT:ppp0.lariat.org@lariat.org [12.23.109.2])
	by lariat.org (8.9.3/8.9.3) with ESMTP id MAA07987;
	Mon, 2 Oct 2000 12:54:52 -0600 (MDT)
Message-Id: <4.3.2.7.2.20001002124915.00d51820@localhost>
X-Sender: brett@localhost
X-Mailer: QUALCOMM Windows Eudora Version 4.3.2
Date: Mon, 02 Oct 2000 12:54:46 -0600
To: Dan Debertin
From: Brett Glass
Subject: Re: ftpd bug in FreeBSD through at least 3.4
Cc: security@FreeBSD.ORG
In-Reply-To:
References: <4.3.2.7.2.20001002113441.04932240@localhost>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

At 12:42 PM 10/2/2000, Dan Debertin wrote:

>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>I realize that there have been quite a few advisories related to wu-ftpd
>lately. However, looking at the example you quote below, it looks as if it
>is the Linux FTP _client_ that is SEGVing, not the server. Would a server
>tell the remote end that it has segfaulted? No. Run strace on your ftp
>client, and you'll see the SEGV.

Just looked at this, and you seem to be correct. The message does,
for some reason, seem to be originating in the client. This means
that while there is a bug it is not likely to be exploitable.
Whew!

--Brett

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message