[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: NcFTP - password leaking

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: NcFTP - password leaking
From: Alex Behar <alex@xxxxxxxxxxxxxx>
Date: Tue, 20 Apr 2004 21:28:04 +0300

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tuesday 20 April 2004 02:46, Konstantin Gavrilenko wrote:

> ncftp client does not hash the password under certain conditions. And
> such information is made available to other users through `ps aux`

> Risk Factor: High

Wget (1.8.2 and earlier) and lftp (2.6.11 and earlier) have the very same 
"vulnerability". I doubt thats a problem worth posting an advisory over. Both 
lftp and ncftp can be runned in interactive mode and the details entered 
inside, so no information is disclosed to "ps". Also, in wget, you can use 
the --input-file=<filename> option which allows you to put the URLs in 
ftp://user:pass@host/ format, one at a line in a file. Note that there will 
be still info on the harddrive (unless you remove the URL list from the disk 
after running the application is runned).
In wget there isnt a way around that, so there it might be more of a 
"vulnerability" then ncftp or lftp.

Alex
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFAhWu7fDQ3s2iW3q0RAo89AJ0SuQgXKX5DODvUaiRDsp2/ZcJUCQCgw3/8
kTc+rq+E+wScAubqreOhkss=
=xqeS
-----END PGP SIGNATURE-----

References:
- NcFTP - password leaking
  - From: Konstantin Gavrilenko

Prev by Date: Cisco Security Advisory: Vulnerabilities in SNMP Message Processing
Next by Date: Linux kernel setsockopt MCAST_MSFILTER integer overflow
Previous by thread: Re: NcFTP - password leaking
Next by thread: MDKSA-2004:033 - Updated xine-ui packages fix temporary file insecurities
Index(es):
- Date
- Thread