[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] "Security is easy"

Subject: Re: [cobalt-security] "Security is easy"
From: Gossi The Dog <gossi@xxxxxxxxxxxxxx>
Date: Wed, 7 Mar 2001 22:43:24 +0000 (GMT)
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

On Wed, 7 Mar 2001, Jeff Lovell wrote:

> On Wed, 07 Mar 2001, Gossi The Dog wrote:
>
> > WuFTPD 2.6.1(1) [latest version] exploit just appeared on Bugtraq.  No
> > patch from developers available.  Hey, prepare to have some 14 year old
> > own your network...
> >
> > I'm unsure what RaQs this effects - I *THINK* It's RaQ1 and 2.  Oh, and of
> > course it effects Redhat.
>
> The following products have wu-ftpd:
>
> 2700CR - CacheRaQ1
> 2700WG - Qube1
> 2800CR - CacheRaQ2
>
> All other products use proftpd.

Ok, ta Jeff.  Obvious effects on non-i386 are minimized a bit due to
shellcode not working etc.  I'm playing with the exploit on a Mandrake 7.1
box here, can't get it working.  If the exploit is legit, it looks like
yet another site exec bug, which makes the 3rd bug in the same function in
just under 2 years.

I tried it on owned.lab6.com for a laugh - actually reported it was vun,
but failed.  Obviously, it failed because of the lack of the exec command
in Proftpd.

References:
- Re: [cobalt-security] "Security is easy"
  - From: Jeff Lovell

Prev by Date: Re: [cobalt-security] "Security is easy"
Next by Date: [cobalt-security] What is robots.txt?
Previous by thread: Re: [cobalt-security] "Security is easy"
Next by thread: RE: [cobalt-security] "Security is easy"

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index