However as a matter of fact that could still suffers from a similar direct drive access bug (instead of dot dot use driveletter:). I don't think anybody ever check if in that case access to an absolute path on another drive would be possible or if that would be thwarted later by the file renaming routine (which would change ':' to '@').
I've always wanted to implement a small additional path for that but never did it since I don't have a patched rogue ftp server handy to test it. What would be needed to be patched is has_insecure_name_p() in fnmatch.c, #ifdef WINDOWS check if the second character is ':' . Heiko -- -- PREVINET S.p.A. www.previnet.it -- Heiko Herold [EMAIL PROTECTED] -- +39-041-5907073 ph -- +39-041-5907472 fax > -----Original Message----- > From: Doug Kaufman [mailto:[EMAIL PROTECTED] > Sent: Sunday, August 17, 2003 6:51 AM > To: Vesselin Peev > Cc: [EMAIL PROTECTED] > Subject: Re: Win32 binary without FTP vulnerability > > > On Sun, 17 Aug 2003, Vesselin Peev wrote: > > > I have previously looked at the same downloads. > > However, the security advisory is dated December 2002, > while the 1.8.2 > > version I downloaded from Heiko Herold's wget sport is > dated 2002/05/29. Is > > You need to download the 1.9 beta version. It is available there. > Doug > > > -- > Doug Kaufman > Internet: [EMAIL PROTECTED] >
