Date: Sun, 6 Feb 2005 04:22:22 GMT From: Ryoji Kanai <rkanai@eeye.com> To: freebsd-gnats-submit@FreeBSD.org Subject: bin/77158: Buffer Overflow in lukemftp Message-ID: <200502060422.j164MM9l010224@www.freebsd.org> Resent-Message-ID: <200502060430.j164URp4085208@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 77158 >Category: bin >Synopsis: Buffer Overflow in lukemftp >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sun Feb 06 04:30:26 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Ryoji Kanai >Release: FreeBSD 6.0-CURRENT >Organization: eEye Digital Security >Environment: FreeBSD unicorn 6.0-CURRENT FreeBSD 6.0-CURRENT #1: Sun Jan 16 15:45:21 PST 2005 kanai@unicorn:/usr/obj/usr/src/sys/UNICORN i386 >Description: A buffer overflow exists in ftp(lukemftp). >How-To-Repeat: Just use long filename. ex: ftp> get aaaaaaaaaaaa... (over 1024 = BUFSIZ) Segmentation fault (core dumped) >Fix: main.c:668 is a problem. fix thie code. > memcpy(line, buf, num); >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200502060422.j164MM9l010224>