[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

misc/72508: Anyone can change root on anonymous ftp



>Number:         72508
>Category:       misc
>Synopsis:       Anyone can change root on anonymous ftp
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Oct 11 11:30:20 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator:     winnehr
>Release:        FreeBSD 5.1-RELEASE
>Organization:
JSoft
>Environment:
FreeBSD server 5.1-RELEASE FreeBSD 5.1-RELEASE #1: Sat Sep 11 00:43:46 VLAST 2004     winnehr_(_at_)_server:/usr/src/sys/i386/compile/new  i386
>Description:
Anyone can change root on anonymous ftp
>How-To-Repeat:
* logon anonymously on ftp (standart /usr/libexec/ftpd -l in /etc/inetd.conf)
* upload any dir to it and enter to it (for example with programm setup files)
* move on ftp server this dir to any other location (for example /tmp)
* exit from dir on ftp client and.... you in /tmp dir and can move to other dirs
>Fix:
      
>Release-Note:
>Audit-Trail:
>Unformatted:

Visit your host, monkey.org