Originally Published: Saturday, 18 September 1999 Author: Quentin Cregan
Published to: news_enhance_security/Security News

Tymm Twillman releases proftpd-1.2.0pre6 patch on BugTraq

In an effort to allow admins to upgrade their servers, Tymm Twillman has released a patch for the latest proftpd-1.2.0 bug. Apparently an exploit will be released later this week.


[from BugTraq]

Before I release the exploit, I'd like to give people a chance to fix the problem. Here's the patch. Note that there are other potential problems; I've been in contact with MacGyver and a new version fixing this and other stuff should be out within a few days (at this point I really have no clue if there are exploits possible for the other issues that might allow breakins; please keep up to date and upgrade as soon as the new version is available).

Anyhow, here's the patch:

--- proftpd-1.2.0pre6.old/src/main.c Fri Sep 10 15:49:32 1999 +++ proftpd-1.2.0pre6/src/main.c Thu Sep 16 01:50:43 1999 @@ -379,7 +379,7 @@ #if PF_ARGV_TYPE == PF_ARGV_WRITEABLE /* We can overwrite individual argv[] arguments. Semi-nice. */ - snprintf(Argv[0], maxlen, statbuf); + snprintf(Argv[0], maxlen, "%s", statbuf); p = &Argv[0][i];

while(p < LastArgv)
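
Review bot: The "%s" fix to the snprintf(Argv[0], maxlen, ...) call sits only inside the `#if PF_ARGV_TYPE == PF_ARGV_WRITEABLE` branch, so the other PF_ARGV_TYPE branches, which this hunk does not show, should be checked for the same statbuf-as-format-string call and given the same change. A one-line comment above the call stating that statbuf is data and must never be passed as the format argument would keep a later cleanup from reverting it. Building with the compiler's -Wformat-security warning enabled would flag any remaining calls of this shape in the rest of the tree.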

-- that's it. Amazing how much these little things matter.

