Wu-ftpd FTP server contains remotely exploitable
off-by-one bug
Mike Tancsa
mike at sentex.net
Thu Jul 31 11:52:05 PDT 2003
At 02:40 PM 31/07/2003 -0400, polytarp at cyberspace.org wrote:
>Buffer overflows which work on Linux do not work on FreeBSD.
You need to qualify that statement. Yes, there are some that will not be
relevant and the exact same exploit code will not work. But "Buffer
overflows which work on Linux do not work on FreeBSD" is dangerously
misleading.... In the case of wu-ftpd there have been several issues in the
past that affected both FreeBSD and Linux. Same bug, different exploit
code, both vulnerable. That being said, I havent had a chance to review
this one so I dont know.
---Mike
More information about the freebsd-security
mailing list