Menu
▾
▴
[Tcllib-devel] Fuzzing the tcllib ftpd code
|
From: Michael S. <sc...@un...> - 2006-05-03 22:30:44
|
Hi all, there was a recent posting on the bugtraq security mailing list about a fuzz tool for ftp servers. (http://www.infigo.hr/files/ftpfuzz.zip) I tried it with the ftpd.test file in the demos directory of tcllib, and it promptly managed to bring the server to a shutdown. (one has to check the 'fuzz all selected command in one FTP session' checkbox in the fuzz tool to make it work). If someone with a bit more interest in the ftpd code would check if there are security or other issues lurking in there, or what would be good new test cases it would be nice. Michael |
