Date: Fri, 23 Jun 2000 13:13:19 -0400 (EDT)
From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
To: Mike Silbersack <silby@silby.com>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Fwd: WuFTPD: Providing *remote* root since at least1994
Message-ID: <200006231713.NAA49665@khavrinen.lcs.mit.edu>
In-Reply-To: <Pine.BSF.4.21.0006222230390.65791-100000@achilles.silby.com>
References: <4.2.2.20000622201823.0479a690@mail.sentex.net> <Pine.BSF.4.21.0006222230390.65791-100000@achilles.silby.com>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
<<On Thu, 22 Jun 2000 22:34:30 -0500 (CDT), Mike Silbersack <silby@silby.com> said:
> (Does anyone actually still run it?)
Absolutely.
Here's a patch (mangled by cut&paste) which hacks around the problem.
Stick it in patches/patch-ftpcmd.y-MIT-IS for best results. This hack
was put together by MIT Information Systems as a stopgap until the
wu-ftpd developers come up with an official fix.
*** src/ftpcmd.y.old Fri Jun 23 00:44:11 2000
- --- src/ftpcmd.y Fri Jun 23 00:48:36 2000
***************
*** 1460,1469 ****
- --- 1460,1474 ----
if (wu_getline(cbuf, sizeof(cbuf) - 1, stdin) == NULL) {
(void) alarm(0);
reply(221, "You could at least say goodbye.");
dologout(0);
}
+ else if (strchr(cbuf, '%')) {
+ (void) alarm(0);
+ reply(421, "The command line contained a %% character.");
+ dologout(0);
+ }
#ifndef IGNORE_NOOP
(void) alarm(0);
#endif
if ((cp = strchr(cbuf, '\r'))) {
*cp++ = '\n';
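Review bot: The added else-if on strchr(cbuf, '%') refuses every command line that contains a percent sign and ends the session with a 421, so a legitimate argument such as a file name with '%' in it now logs the client out. It also filters at the point where the line is read rather than correcting the calls where client-supplied text ends up as a format string. The %% escape in the new reply(421, ...) message shows that reply() interprets its second argument as a format, so the lasting fix is to pass client text as an argument to a constant "%s" format at each such call, after which this filter can be dropped. Until then, a comment above the new branch stating that it is a temporary workaround and why '%' is refused would help whoever carries this local patch forward.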
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (FreeBSD)
Comment: For info see http://www.gnupg.org
iD8DBQE5U5qlI+eG6b7tlG4RAqNBAJ9dLOLVO3hBhNM22gBMtrJYttCO0ACgobsD
E9wtuVVqPIpjNoBO0hY3Dqo=
=fbsD
-----END PGP SIGNATURE-----
