Summary: | net-ftp/oftpd: Buffer Overflow in USER Command | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Matthias Geerdsen (RETIRED) <vorlon> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED INVALID | ||
Severity: | normal | CC: | eradicator |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://securitytracker.com/alerts/2005/Jul/1014413.html | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Matthias Geerdsen (RETIRED)
2005-07-08 03:03:17 UTC
is there any more info ? the reproduce case looks a bit fuzzy and the 0.3.7 code includes buffer length checking ... concur with spanky, i cant see how this would work. "user \0\0\0\0\0\ (much larger string)" I've tried to interpret this a number of ways, but failed to reproduce. Yeah, I can't reproduce it... I'd like to see a complete tcpdump of the session or something more to go on... Closing as invalid after contacting the guy who discovered the "vulnerability" via email. Actually his client was segfaulting, not oftpd. |