The 'Security Digest' Archives (TM)

Archive: About | Browse | Search | Contributions | Feedback
Site: Help | Index | Search | Contact | Notices | Changes

ARCHIVE: 'Phage List' - Archives (1988 - 1989)
DOCUMENT: phage #210 [Re: yet another ftpd hole (on Suns)] (1 message, 1105 bytes)
SOURCE: http://securitydigest.org/exec/display?f=phage/archive/210.txt&t=text/plain
NOTICE: securitydigest.org recognises the rights of all third-party works.

START OF DOCUMENT

From: Edward Vielmetti <emv@starbarlounge.cc.umich.edu>
To: phage
Date: Wed 17:10:23 09/11/1988 EST
Subject: Re: yet another ftpd hole (on Suns)
References: [Thread Prev: 200] [Thread Next: 220] [Message Prev: 208] [Message Next: 209]

I have confirmed Pete's report on a Sun running this version
of FTP:

220 xxxx FTP server (Version 4.7 Sun Sep 14 12:44:57 PDT 1986) ready.
                 
If your FTP is dated this early (I think it's SunOS 3.2) then contact
me and I'll tell you how to exercise this bug, conditional of course
on your ability to fix it on the systems in question.  Contrariwise,
if you're a binary-only site and are still running the original
Sun binaries, I'd like to know exactly at which release level this
bug disappeared.  It may or may not be present in other vendors software
as well.  It's not present on my system (Apollo SR10):

220 starbarlounge.cc.umich.edu FTP server (Version SR10-4.32 Wed May 18 11:32:04 EDT 1988) ready.

If your FTP is old and nasty, then it no doubt has the anonymous
FTP hole as well.  This particular bug can be exercised only if you
have a login on the system in question; as such, it should be of concern
to those who are worried about attacks from within as well as attacks
from the outside.  Whether or not you are connected to the outside
world, you are at risk.

--Ed

ps. the more I read this list, the more concerned I am about network
security.  rtm's worm exploited what I assume is the first of multiple
gaping and not-so-gaping holes in unix security.  I fear that the
academic/research community will, in fixing these problems, endanger
the actual security of business installations who are dependent on
the good business sense of their vendors to provide timely upgrades.

It would be irresponsible of Sun not to inform their customers of this
bug, and to ship a fixed version.

END OF DOCUMENT