[krbdev.mit.edu #1608] minor ftp mput vulnerability
Ken Raeburn via RT
rt-comment at krbdev.mit.edu
Mon Jun 16 15:33:33 EDT 2003
Related to 1351, but less urgent, there are a couple issues in ftp's
mput command we could fix up.
1) If "mput *" is done in a directory containing a file named "-" or a
file name starting with "|", they'll be treated as special names (stdin
and run-command respectively). This is probably not what would be intended.
2) If mput is used in proxy mode, the globbing is not done locally, so a
compromised server could send back special file names, even for a
pattern that wouldn't normally match those names.
Presumably in (1) the user has some clue what files exist locally if
she's trying to send them, and for (2), I don't know that we care that
much about proxy support...
More information about the krb5-bugs
mailing list