On Fri, Feb 02, 2001 at 03:04:31PM -0800, Kris Kennaway wrote:
> > BTW. Old BSD derived ftpd is also used in opieftpd and SSLftpd. Both are
> >      vulnerable to this attack.
> In case anyone is wondering how old is old:

The same problem persists in heimdal / kerberosIV ftpd implementation:

heimdal/appl/ftp/ftpd/popen.c and kerberosIV/appl/ftp/ftpd/popen.c:

        char **pop, *argv[100], *gargv[1000];

        /* break up string into pieces */
        foo = NULL;
        for (argc = 0, cp = program;; cp = NULL) {
                if (!(argv[argc++] = strtok_r(cp, " \t\n", &foo)))
                        break;
        }

Both are based on BSD derived ftpd version 6.00.

--
* Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE *
* Inet: [EMAIL PROTECTED] ** PGP: D48684904685DF43EA93AFA13BE170BF *

Reply via email to