Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


Top White Papers

More on LinuxToday


Flaw in libc implementation threatens FTP servers

Oct 08, 2010, 07:34 (1 Talkback[s])

"A flaw in the implementation of the glob() function in various C libraries (libc) can be exploited to remotely cripple FTP servers. As many FTP servers allow anonymous log-ins, and the flaw is said to be easy to exploit, many servers are at risk of falling victim to the attack. A report by security specialist Maksymilian Arciemowicz says that even large FTP servers such as those run by Adobe and HP are affected.

"The problem exists because GLOB_LIMIT, a feature added in 2001 to limit the amount of memory used by the glob() function is ineffective."

Complete Story

Related Stories: