ftpd's Checkered Past

• Format string errors in setproctitle(), syslog()
• Unbounded strcpy(), strcat()
• Single byte overflow vulnerability

• Pro-active countermeasures

  • audit for setproctitle() errors
  • Similar bad coding uncovered in syslog() calls
  • Disable PORT command to third party host
    • Breaks RFC compatibility
    • Command line option to re-enable

• TCP/IP stack modified against FTP bounce attack

  • Protection against vulnerability in other systems