TUCoPS :: Linux :: Apps A-M
:: ftpfs.htm
FTPFS Bounds Checking inadequacy
Vulnerability
FTPFS
Affected
FTPFS
Description
Frank DENIS (Jedi/Sector One) found buffer oveflow in FTPFS (linux
kernel module). FTPFS is a Linux kernel module, enhancing VFS
with FTP volume mounting capabilities. However, it has
insufficient bounds checking. If a user can enter mount options
through a wrapper, he can take over the whole system, even with
restricted capabilities.
Here's a simple exploit :
mount -t ftpfs none /mnt -o ip=127.0.0.1,user=xxxxxxxxxxxxxxxxxxxxxxxxxxxx...
The previous command produces an immediate reboot (tested with
kernel 2.4.2 and FTPFS 0.1.1) .
Solution
The author is aware of that vulnerability.