https://www.exploit-db.com/exploits/20691
https://www.securityfocus.com/bid/82997
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200106-197

FTPFS存在缓冲区溢出漏洞。本地用户借助超长用户名提升根特权。

source: http://www.securityfocus.com/bid/2498/info

FTPFS is a Linux kernel module allowing users to mount remote files from any standard FTP server as a local filesystem.

A version of FTPFS is vulnerable to a buffer overflow leading to a denial of service, and potentially execution of arbitrary code. This overflow can be exploited by any local user with access to the mount command on a system with FTPFS installed.

mount -t ftpfs none /mnt -o ip=127.0.0.1,user=xxxxxxxxxxxxxxxxxxxxxxxxxxxx...

来源:XF
名称:ftpfs-bo
链接:http://xforce.iss.net/static/6234.php
来源:BUGTRAQ
名称:20010313BufferoveflowinFTPFS(linuxkernelmodule)
链接:http://archives.neohapsis.com/archives/bugtraq/2001-03/0163.html