Subject: [thomas@suse.de: SuSE Security Announcement: lukemftp, nkitb, nkitserv (SuSE-SA:2002:018)]
To: None <tech-security@netbsd.org>
From: Jan Schaumann <jschauma@netbsd.org>
List: tech-security
Date: 05/16/2002 12:23:19
All,

Are we affected by the (snipped) security advisory below?  The posting
to bugtraq did not contain a proof of concept or some such.

-Jan



----- Forwarded message from Thomas Biege <thomas@suse.de> -----

> Date: Thu, 16 May 2002 14:05:46 +0200 (CEST)
> From: Thomas Biege <thomas@suse.de>
> To: <bugtraq@securityfocus.com>
> Subject: SuSE Security Announcement: lukemftp, nkitb, nkitserv (SuSE-SA:2002:018)
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> ______________________________________________________________________________
> 
>                         SuSE Security Announcement
> 
>         Package:                lukemftp, nkitb, nkitserv
>         Announcement-ID:        SuSE-SA:2002:018
>         Date:                   Wednesday, May 15th 2002 12:30 MEST

>         Vulnerability Type:     remote command execution
>         Severity (1-10):        3
>         SuSE default package:   yes
>         Other affected systems: all systems using lukemftp
 
> ______________________________________________________________________________
> 
> 1)  problem description, brief discussion, solution, upgrade information
> 
>     Lukemftp (ftp(1), /usr/bin/ftp, /usr/bin/pftp) is a comfortable ftp
>     client from NetBSD.
>     A buffer overflow could be triggered by a malicious ftp server while the
>     client parses the PASV ftp command. An attacker who controls an ftp server
>     to which a client using lukemftp is connected can gain remote access to
>     the client's machine with the privileges of the user running lukemftp.
 
> Bye,
>      Thomas
> -- 
>   Thomas Biege <thomas@suse.de>
>   SuSE Linux AG,Deutschherrnstr. 15-19,90429 Nuernberg
>   Function: Security Support & Auditing
>   "lynx -source http://www.suse.de/~thomas/contact/thomas.asc | pgp -fka"
>   Key fingerprint = 51 AD B9 C7 34 FC F2 54  01 4A 1C D4 66 64 09 83
> -- 
> 	Enter through the form, and step out of the form.

----- End forwarded message -----
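
As an added illustration (not part of the original thread and not lukemftp's code): a client-side parser for the server's reply to PASV, in the RFC 959 form `227 ... (h1,h2,h3,h4,p1,p2)`, that treats the reply as untrusted input and bounds every field. The advisory does not describe the actual flaw, so this shows bounded parsing in general; the names `parse_pasv_reply`, `parse_octet` and `struct pasv_addr` are hypothetical.

```c
#include <stddef.h>
#include <string.h>

/* Destination for "227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)". */
struct pasv_addr {
    unsigned char host[4];
    unsigned short port;
};

/* Parse one decimal field (1-3 digits, value 0..255) at *pp and advance
 * *pp past it. Returns -1 on malformed input. (Hypothetical helper.) */
static int parse_octet(const char **pp)
{
    const char *p = *pp;
    int val = 0, digits = 0;

    while (*p >= '0' && *p <= '9') {
        if (++digits > 3)
            return -1;              /* over-long field: reject, do not truncate */
        val = val * 10 + (*p++ - '0');
    }
    if (digits == 0 || val > 255)
        return -1;
    *pp = p;
    return val;
}

/* Returns 0 and fills *out on success, -1 if the reply is not a
 * well-formed 227 reply. *out is only written after full validation. */
int parse_pasv_reply(const char *reply, struct pasv_addr *out)
{
    int f[6];
    const char *p;

    if (reply == NULL || out == NULL || strncmp(reply, "227", 3) != 0)
        return -1;
    if ((p = strchr(reply, '(')) == NULL)
        return -1;
    p++;
    for (int i = 0; i < 6; i++) {   /* exactly six fields, never more */
        if ((f[i] = parse_octet(&p)) < 0)
            return -1;
        if (*p++ != (i < 5 ? ',' : ')'))
            return -1;
    }
    for (int i = 0; i < 4; i++)
        out->host[i] = (unsigned char)f[i];
    out->port = (unsigned short)((f[4] << 8) | f[5]);
    return 0;
}
```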