Date: Mon, 30 Aug 1999 12:44:35 +1200
From: Nic Bellamy <[email protected]>
To: [email protected]Subject: [patch] ProFTPd remote root exploit
This message is in MIME format. The first part should be readable text,
while the remaining parts are likely unreadable without MIME-aware tools.
Send mail to [email protected] for more info.
--499866794-260631012-935973497=:3481
Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
Content-ID: <[email protected]>
Hi,
tracked this problem to an sprintf() into a buffer on the stack in
the log_xfer() routine in src/log.c. Gotta love it. Sigh.
Attached patch against 1.2.0pre3a should fix it (it does the trick here),
although it does still leave ugly stuff in your xferlog. The patch should
also apply to earlier versions without too much trouble.
Regards,
Nic.
-- Nic Bellamy <[email protected]>
J. Random Coder.
--499866794-260631012-935973497=:3481
Content-Type: TEXT/PLAIN; CHARSET=US-ASCII; NAME="proftpd-xferlog.diff"
Content-Transfer-Encoding: BASE64
Content-ID: <[email protected]>
Content-Description:
LS0tIHByb2Z0cGQtMS4yLjBwcmUzYS9zcmMvbG9nLmMub3JpZwlNb24gQXVn
IDMwIDEyOjI4OjUzIDE5OTkNCisrKyBwcm9mdHBkLTEuMi4wcHJlM2Evc3Jj
L2xvZy5jCU1vbiBBdWcgMzAgMTI6Mjk6MDUgMTk5OQ0KQEAgLTExMSw3ICsx
MTEsNyBAQA0KICAgaWYoeGZlcmZkID09IC0xKQ0KICAgICByZXR1cm4gMDsN
CiANCi0gIHNwcmludGYoYnVmLCIlcyAlZCAlcyAlbHUgJXMgJWMgXyAlYyAl
YyAlcyBmdHAgMCAqXG4iLA0KKyAgc25wcmludGYoYnVmLHNpemVvZihidWYp
LCIlcyAlZCAlcyAlbHUgJXMgJWMgXyAlYyAlYyAlcyBmdHAgMCAqXG4iLA0K
ICAgICAgICAgICBmbXRfdGltZSh0aW1lKE5VTEwpKSx4ZmVydGltZSxyZW1o
b3N0LGZzaXplLA0KICAgICAgICAgICBmbmFtZSx4ZmVydHlwZSxkaXJlY3Rp
b24sYWNjZXNzLHVzZXIpOw0KIA0K
--499866794-260631012-935973497=:3481--
