From wolfgang@wsrcc.com Tue Feb 24 17:57:41 1998
Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id RAA10129 for <bugs@RT-11.MIT.EDU>; Tue, 24 Feb 1998 17:57:41 -0500
Received: from c460058-a.frmt1.sfba.home.com by MIT.EDU with SMTP
id AA16619; Tue, 24 Feb 98 17:57:39 EST
Received: (from wolfgang@localhost)
by capsicum.wsrcc.com (8.8.8/8.8.8) id OAA29895;
Tue, 24 Feb 1998 14:57:38 -0800 (PST)
Message-Id: <199802242257.OAA29895@capsicum.wsrcc.com>
Date: Tue, 24 Feb 1998 14:57:38 -0800 (PST)
From: Wolfgang Rupprecht <wolfgang@wsrcc.com>
To: krb5-bugs@MIT.EDU
Subject: krb5 ftpd
Wolfgang Rupprecht <wolfgang@wsrcc.com> http://www.wsrcc.com/wolfgang/
Never trust a program you don't have sources for.
1) anon-ftp can create directories in ~/incoming. These directories
are normal read/write directories that can be used as drop boxes
for anonymous third parties.
2) the syslog-ing of anonymouse ftp commands doesn't work.
This allows the above folks to mostly evade detection.
-wolfgang
Responsible-Changed-From-To: gnats-admin->tlyu
Responsible-Changed-By: tlyu
Responsible-Changed-When: Tue Feb 24 21:45:08 1998
Responsible-Changed-Why:
Refiled
State-Changed-From-To: open-analyzed
State-Changed-By: tlyu
State-Changed-When: Tue Feb 24 21:45:26 1998
State-Changed-Why:
First part fixed.
src/gssftp/ftpd/ftpcmd.y 1.6
From: Tom Yu <tlyu@MIT.EDU>
To: wolfgang@wsrcc.com
Cc: krb5-bugs@MIT.EDU
Subject: Re: krb5-appl/553: krb5 ftpd
Date: Tue, 24 Feb 1998 21:49:59 -0500
Thanks for the tip. We've fixed our sources to check certain commands
(mkdir, rmdir, chmod, umask) against anonymous users. Adding verbose
sysloging capabilities is not really on our priority list, though, as
really people should be using wu-ftpd if they're running an anonymous
ftp server. Granted, we do have a student who's working on adding
gssapi authentication to wu-ftpd, though that is still not yet ready.
Arguably, we should emphasize in our documentation that our ftpd is
not intended to be used with anonymous users.
---Tom
From: Wolfgang Rupprecht <wolfgang@wsrcc.com>
To: Tom Yu <tlyu@MIT.EDU>
Cc: krb5-bugs@MIT.EDU
Subject: Re: krb5-appl/553: krb5 ftpd
Date: Tue, 24 Feb 1998 22:46:55 -0800 (PST)
Tom Yu writes:
Actually, the last time I had a look at the code it seemed that there
was logging in place that would do the trick. The problem was that
the chroot seemed to clobber it. It wasn't immidiately obvious what
was wrong with it.
-wolfgang
--
Wolfgang Rupprecht <wolfgang@wsrcc.com> http://www.wsrcc.com/wolfgang/
Never trust a program you don't have sources for.
Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id RAA10129 for <bugs@RT-11.MIT.EDU>; Tue, 24 Feb 1998 17:57:41 -0500
Received: from c460058-a.frmt1.sfba.home.com by MIT.EDU with SMTP
id AA16619; Tue, 24 Feb 98 17:57:39 EST
Received: (from wolfgang@localhost)
by capsicum.wsrcc.com (8.8.8/8.8.8) id OAA29895;
Tue, 24 Feb 1998 14:57:38 -0800 (PST)
Message-Id: <199802242257.OAA29895@capsicum.wsrcc.com>
Date: Tue, 24 Feb 1998 14:57:38 -0800 (PST)
From: Wolfgang Rupprecht <wolfgang@wsrcc.com>
To: krb5-bugs@MIT.EDU
Subject: krb5 ftpd
Show quoted text
>Number: 553
>Category: krb5-appl
>Synopsis: ftpd guest behavior
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: tlyu
>State: analyzed
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Tue Feb 24 17:58:01 EST 1998
>Last-Modified: Fri Sep 14 10:44:19 EDT 2001
>Originator: Wolfgang Rupprecht <wolfgang@wsrcc.com>
>Organization:
-- >Category: krb5-appl
>Synopsis: ftpd guest behavior
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: tlyu
>State: analyzed
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Tue Feb 24 17:58:01 EST 1998
>Last-Modified: Fri Sep 14 10:44:19 EDT 2001
>Originator: Wolfgang Rupprecht <wolfgang@wsrcc.com>
>Organization:
Wolfgang Rupprecht <wolfgang@wsrcc.com> http://www.wsrcc.com/wolfgang/
Never trust a program you don't have sources for.
Show quoted text
>Release:
>Environment:
>Description:
Krb5 ftpd had two significant bugs that interact badly.>Environment:
>Description:
1) anon-ftp can create directories in ~/incoming. These directories
are normal read/write directories that can be used as drop boxes
for anonymous third parties.
2) the syslog-ing of anonymouse ftp commands doesn't work.
This allows the above folks to mostly evade detection.
-wolfgang
Show quoted text
>How-To-Repeat:
>Fix:
>Audit-Trail:
>Fix:
>Audit-Trail:
Responsible-Changed-From-To: gnats-admin->tlyu
Responsible-Changed-By: tlyu
Responsible-Changed-When: Tue Feb 24 21:45:08 1998
Responsible-Changed-Why:
Refiled
State-Changed-From-To: open-analyzed
State-Changed-By: tlyu
State-Changed-When: Tue Feb 24 21:45:26 1998
State-Changed-Why:
First part fixed.
src/gssftp/ftpd/ftpcmd.y 1.6
From: Tom Yu <tlyu@MIT.EDU>
To: wolfgang@wsrcc.com
Cc: krb5-bugs@MIT.EDU
Subject: Re: krb5-appl/553: krb5 ftpd
Date: Tue, 24 Feb 1998 21:49:59 -0500
Thanks for the tip. We've fixed our sources to check certain commands
(mkdir, rmdir, chmod, umask) against anonymous users. Adding verbose
sysloging capabilities is not really on our priority list, though, as
really people should be using wu-ftpd if they're running an anonymous
ftp server. Granted, we do have a student who's working on adding
gssapi authentication to wu-ftpd, though that is still not yet ready.
Arguably, we should emphasize in our documentation that our ftpd is
not intended to be used with anonymous users.
---Tom
From: Wolfgang Rupprecht <wolfgang@wsrcc.com>
To: Tom Yu <tlyu@MIT.EDU>
Cc: krb5-bugs@MIT.EDU
Subject: Re: krb5-appl/553: krb5 ftpd
Date: Tue, 24 Feb 1998 22:46:55 -0800 (PST)
Tom Yu writes:
Show quoted text
> We've fixed our sources to check certain commands (mkdir, rmdir,
> chmod, umask) against anonymous users. Adding verbose sysloging
> capabilities is not really on our priority list,
> chmod, umask) against anonymous users. Adding verbose sysloging
> capabilities is not really on our priority list,
Actually, the last time I had a look at the code it seemed that there
was logging in place that would do the trick. The problem was that
the chroot seemed to clobber it. It wasn't immidiately obvious what
was wrong with it.
-wolfgang
--
Wolfgang Rupprecht <wolfgang@wsrcc.com> http://www.wsrcc.com/wolfgang/
Never trust a program you don't have sources for.
Show quoted text
>Unformatted: