From owner-freebsd-security Wed Apr 11 2:36:39 2001
Date: Wed, 11 Apr 2001 13:35:20 +0400
From: Anton Vladimirov
Reply-To: Anton Vladimirov
Organization: FBSD Administration Center
Message-ID: <941113000.20010411133520@mail.ru>
To: Eugene Grosbein
Cc: security@FreeBSD.ORG
Subject: Re[2]: ftp vulnerability
In-Reply-To: <20010411171843.A78034@svzserv.kemerovo.su>
References: <15739596567.20010411131004@mail.ru> <20010411171843.A78034@svzserv.kemerovo.su>

Hello Eugene,

Wednesday, April 11, 2001, 1:18:43 PM, you wrote:

EG> On Wed, Apr 11, 2001 at 01:10:04PM +0400, Anton Vladimirov wrote:

>> I run FreeBSD 4.0-RELEASE with all security patches applied.
>> Could anyone clearly explain how to fix the recent
>> ftpd hole for this version?

EG> You can use a workaround: put a record into /etc/login.conf:

EG> anonftp:\
EG>         :datasize=16M:\
EG>         :stacksize=8M:\
EG>         :memoryuse=16M:\
EG>         :priority=5:\
EG>         :tc=default:

EG> Choose values suitable for you. Then do
EG> cap_mkdb /etc/login.conf
EG> and set login class of user 'ftp' to anonftp.
EG> This will prevent exploiting this hole.

Does this vulnerability concern only anonymous ftp? Can it be
exploited by non-anonymous users?

-- 
Best regards,
 Anton                            mailto:admin128@mail.ru
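
The workaround quoted above only applies once the 'ftp' account is actually in a class that sets those limits, so the check below (an added example, not part of the original thread) reads a login.conf and a master.passwd and reports which of the three limits the user's class lacks. The function names and sample file contents are constructed for illustration, and tc= inheritance is not followed.

```shell
#!/bin/sh
# Added example: print capabilities of class $2 in login.conf-format file $1.
# Assumption: tc= inheritance is not followed; only the class's own record counts.
class_caps() {
    awk -v cls="$2" '
        /^[ \t]*#/ { next }
        { rec = rec $0
          if (sub(/\\$/, "", rec)) next      # trailing backslash: record continues
          n = split(rec, f, ":"); rec = ""
          m = split(f[1], names, "|"); hit = 0
          for (i = 1; i <= m; i++) if (names[i] == cls) hit = 1
          for (j = 2; hit && j <= n; j++) {
              gsub(/^[ \t]+/, "", f[j]); if (f[j] != "") print f[j]
          }
        }' "$1"
}

# Login class of user $2 in master.passwd-format file $1 (5th field).
# An empty class field means the "default" class applies.
user_class() {
    awk -F: -v u="$2" '$1 == u { print ($5 == "" ? "default" : $5) }' "$1"
}

# Echo the limits from the workaround that the class of user $3 does not set.
missing_limits() {
    caps=$(class_caps "$1" "$(user_class "$2" "$3")")
    out=""
    for want in datasize stacksize memoryuse; do
        printf '%s\n' "$caps" | grep -q "^${want}[=-]" || out="$out $want"
    done
    echo "${out# }"
}

# Constructed sample files: the record from the thread, and the ftp account
# before and after its login class is changed.
dir=$(mktemp -d)
cat > "$dir/login.conf" <<'EOF'
default:\
    :umask=022:
anonftp:\
    :datasize=16M:\
    :stacksize=8M:\
    :memoryuse=16M:\
    :priority=5:\
    :tc=default:
EOF
echo 'ftp:*:14:5::0:0:Anonymous FTP:/var/ftp:/nonexistent' > "$dir/mp.before"
echo 'ftp:*:14:5:anonftp:0:0:Anonymous FTP:/var/ftp:/nonexistent' > "$dir/mp.after"
echo "before: missing [$(missing_limits "$dir/login.conf" "$dir/mp.before" ftp)]"
echo "after:  missing [$(missing_limits "$dir/login.conf" "$dir/mp.after" ftp)]"
```

On a live system the same functions can be pointed at /etc/login.conf and /etc/master.passwd; an empty result means all three limits are set for that user's class.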