Tymm Twillman [[email protected]]
Sent: Friday, September 17, 1999 2:15 PM
Subject: proftpd 1.2.0pre6 patch
Before I release the exploit, I'd like to give people a chance to fix
the problem. Here's the patch. Note that there are other potential
problems; I've been in contact with MacGyver and a new version fixing
this and other stuff should be out within a few days (at this point I
really have no clue if there are exploits possible for the other issues
that might allow breakins; please keep up to date and upgrade as soon as
the new version is available).
Anyhow, here's the patch:
<cut>
--- proftpd-1.2.0pre6.old/src/main.c Fri Sep 10 15:49:32 1999
+++ proftpd-1.2.0pre6/src/main.c Thu Sep 16 01:50:43 1999
@@ -379,7 +379,7 @@
#if PF_ARGV_TYPE == PF_ARGV_WRITEABLE
/* We can overwrite individual argv[] arguments. Semi-nice.
*/
- snprintf(Argv[0], maxlen, statbuf);
+ snprintf(Argv[0], maxlen, "%s", statbuf);
p = &Argv[0][i];
while(p < LastArgv)
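Review bot: The new snprintf(Argv[0], maxlen, "%s", statbuf) line needs a short comment stating that statbuf is data and must never be passed as the format argument, so that a later cleanup does not restore the three-argument form. The hunk only covers the PF_ARGV_TYPE == PF_ARGV_WRITEABLE branch; any other PF_ARGV_TYPE branch, and any other printf-family call that takes statbuf, should be checked for the same pattern in this patch or a follow-up. The return value of snprintf() is still ignored, so truncation at maxlen goes unnoticed before p = &Argv[0][i] is computed; if that is intended, say so in the comment.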
</cut>
-- that's it. Amazing how much these little things matter.
-Tymm