[Snort-users] help for FTP EXPLOIT wu-ftpd 2.6.0 site exec overflow

Chris Green cmg at ...671...
Fri Mar 23 11:19:28 EST 2001


Try using flags: PA; but the real solution is to upgrade ( preferably
to CVS or waiting for 1.7.1 ).  The + was new to 1.7.0 I think.

Giving all the parameters will not work because then it will look for
an XMAS packet with everything set. 

chandrasekhar radhakrishnan <chandru_stud at ...131...> writes:

> I have been using snort-1.6.3.I have tried to test the
> FTP exploit wu-ftpd 2.6.0 site exec overflow.The
> system has failed to detect this.
> Also does this version of snort not take the + option
> for FLAGS parameter.What is the solution to this ; can
> I give all the parameters-UAPRSF12.
> thanks
> chandrasekhar
> 

-- 
Chris Green <cmg at ...671...>
Fame may be fleeting but obscurity is forever.




More information about the Snort-users mailing list