From owner-freebsd-security  Wed Apr 11  3:28: 8 2001
Delivered-To: freebsd-security@freebsd.org
Received: from www.svzserv.kemerovo.su (www.svzserv.kemerovo.su [213.184.65.80])
	by hub.freebsd.org (Postfix) with ESMTP id B8C8937B424
	for <security@FreeBSD.ORG>; Wed, 11 Apr 2001 03:28:03 -0700 (PDT)
	(envelope-from eugen@svzserv.kemerovo.su)
Received: from svzserv.kemerovo.su (kost [213.184.65.82])
	by www.svzserv.kemerovo.su (8.9.3/8.9.3) with ESMTP id SAA86059;
	Wed, 11 Apr 2001 18:27:56 +0800 (KRAST)
	(envelope-from eugen@svzserv.kemerovo.su)
Message-ID: <3AD43FB9.7D28DC8B@svzserv.kemerovo.su>
Date: Wed, 11 Apr 2001 18:27:53 +0700
From: Eugene Grosbein <eugen@svzserv.kemerovo.su>
Organization: SVZServ
X-Mailer: Mozilla 4.76 [en] (Win95; U)
X-Accept-Language: ru,en
MIME-Version: 1.0
To: Anton Vladimirov <admin128@mail.ru>
Cc: Eugene Grosbein <eugen@iname.com>, security@FreeBSD.ORG
Subject: Re: ftp vulnerability
References: <15739596567.20010411131004@mail.ru>
	 <20010411171843.A78034@svzserv.kemerovo.su> <941113000.20010411133520@mail.ru>
Content-Type: text/plain; charset=koi8-r
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Anton Vladimirov wrote:

> >>   I run FreeBSD 4.0-RELEASE with all security patches applied.
> >>   Could anyone clearly explain how to fix the recent
> >>   ftpd hole for this version?
> 
> EG> You can use workaround: put a record into /etc/login.conf:
> 
> EG> anonftp:\
> EG>         :datasize=16M:\
> EG>         :stacksize=8M:\
> EG>         :memoryuse=16M:\
> EG>         :priority=5:\
> EG>         :tc=default:
> 
> EG> Choose values suitable for you. Then do
> EG> cap_mkdb /etc/login.conf
> EG> and set login class of user 'ftp' to anonftp.
> EG> This will prevent exloiting this hole.
> 
> Is this vulnerability concerned only to anonymous ftp?
> Can it be exploited by non-anonymous users?

Yes, it can. You should either set login class of users to 'anonftp'
or modify their login classes.

Eugene Grosbein

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message