[Zope] Security flaw in Zope FTP server?
Brian Lloyd
Brian@digicool.com
Fri, 3 Mar 2000 09:29:28 -0500
> I was running a security scanner (nessus) on my webserver
> tonight, and it came
> back with port 8021 having an ftp server which "closes the connection
> when USER, PASS, or HELP is given with a too long argument." It says
> "This is probably due to a buffer overflow" Is this a false positive?
> Or is this something to actually be concerned about?
Because the FTP server code is in Python, the chances of this
being a real classic "buffer overflow" (of the sort that can
start to overwrite unintended memory) is slim (I expect that
the worst you could do is send something so long that it consumes
all available memory and causes Python to raise a MemoryError).
We should look into the handling of those commands though. I don't
manage the FTP code so I don't have enough deep Zen to know what
the "correct" behavior is, but it seems that if it's giving a
false positive then something is probably not being handled
totally correctly. Can you make an post in the Collector about
this so that it doesn't get lost in the flow of the list?
Thanks!
Brian Lloyd brian@digicool.com
Software Engineer 540.371.6909
Digital Creations http://www.digicool.com