4603614 1999-12-20  19:12  /39 lines/ Postmaster
Recipient: Bugtraq (import) <8964>
Subject: Security vulnerability in certain wu-ftpd (and derivatives) configurations (fwd)
------------------------------------------------------------
Approved-By: aleph1@SECURITYFOCUS.COM
Delivered-To: bugtraq@lists.securityfocus.com
Delivered-To: bugtraq@securityfocus.com
X-Sender: suid@jawa.chilli.net.au
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-ID:  <Pine.LNX.4.20.9912201251090.16053-100000@jawa.chilli.net.au>
Date:         Mon, 20 Dec 1999 12:53:13 +1100
Reply-To: suid <suid@SUID.EDU>
Sender: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM>
From: suid <suid@SUID.EDU>
X-To:         bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM

The following paper is available in full from my website; I have
chosen not to post the entire thing here as it is quite long.

http://www.suid.edu/advisories/001.txt

suid@suid.edu - the dangers of ftp conversions on misconfigured
systems/ftpd (specifically wu-ftpd)

Summary:

	There exists a vulnerability with certain configurations of
	certain ftp daemons with which users with a valid ftp-only
	account on a system may execute arbitrary commands
	(including binaries supplied by themselves). There also
	exists the possibility that anonymous ftp users may execute
	arbitrary commands (also including binaries supplied by
	themselves).

	While this vulnerability is entirely configuration
	dependent, the required configuration is rather common. The
	requirements can be found in the example exploit
	section. Usually such misconfigurations are made only by the
	security-handicapped and the documentation-illiterate. There
	are voluminous amounts of documentation around which warn
	against this kind of configuration; however, it does not touch
	on this exact problem. Nor does that seem to prevent people
	from doing this time after time.


Regards,
suid@suid.edu
(4603614) ------------------------------------------(Re-wrapped)