7 lines
No EOL
505 B
Text
Executable file
7 lines
No EOL
505 B
Text
Executable file
source: http://www.securityfocus.com/bid/2498/info
|
|
|
|
FTPFS is a Linux kernel module allowing users to mount remote files from any standard FTP server as a local filesystem.
|
|
|
|
A version of FTPFS is vulnerable to a buffer overflow leading to a denial of service, and potentially execution of arbitrary code. This overflow can be exploited by any local user with access to the mount command on a system with FTPFS installed.
|
|
|
|
mount -t ftpfs none /mnt -o ip=127.0.0.1,user=xxxxxxxxxxxxxxxxxxxxxxxxxxxx... |