>Just out of curiosity, don't you need to be running
>anonymous ftp for this exploit to work? I just checked
>Security Focus and it says "SDI anonymous remote
>exploit for proftpd". From what I can gather, it says
>they first need "permission to download a file (like
>welcome.msg or README)." Not that this isn't a serious
>issue, but if anonymous FTP isn't turned on, I don't
>think it would be so easy to exploit (unless of course
>a user decides to try). Please correct me if I'm
>wrong.
>
>http://www.securityfocus.com/cgi-bin/archive.pl?id=1&mid=27450

Well by looking at the script in question ......

/*
 * SDI linux remote exploit for ProFTPDpre[1,2,3]
 * Sekure SDI - Brazilian Information Security Team
 * by c0nd0r <[EMAIL PROTECTED]> - Sep/99 (tudo na paz!)
 *
 * Exploit for the ProFTPD log_xfer() buffer overflow -- it will spawn a
 * shell owned by root.
 *
 * HOWTO: unlikely the other recent FTP vulnerability, this one doesn't
 * need a writeable directory. You just got to have permission to
 * download a file (like welcome.msg or README). Don't forget to install
 * our favorite network tool -- NetCat.
 *

This would confirm your comments ....

Azi ..

_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security
