Bugtraq mailing list archives
Re: Local / Remote D.o.S Attack in War FTP Daemon 1.70 Vulnerability
From: yardley () UIUC EDU (Tim)
Date: Wed, 15 Dec 1999 09:16:01 -0600
Maybe I am missing something, but after looking at the ASM code that ussr provided, it seems as if they are just doing a standard "connection flood". I see absolutely nothing significant or specific to WarFTPD here. The same type of attack would affect any number of FTP servers when done from a fast enough link. In other words, the good ole' hose + a tiny fragment of code to actually send a username/pass is all that is needed to duplicate this. The only denial of service I see here is a "max connections" problem. This would be harder to combat if the attack cam from random ip's... but that is not the case in this instance. So, did I miss something in this case? /tmy At 06:41 PM 12/14/1999, Ussr Labs wrote:
Strange, no body report this problem only you :(, the war ftp deamnon stop responding wen reseive lots of incomming connections, the porgram no CRASH just only stop responding. u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h http://www.ussrback.com -----Original Message----- From: Malartre [mailto:malartre () videotron ca] Sent: Tuesday, December 14, 1999 8:46 PM To: Ussr Labs Cc: BUGTRAQ () SECURITYFOCUS COM Subject: Re: Local / Remote D.o.S Attack in War FTP Daemon 1.70 Vulnerability Ussr Labs wrote:Local / Remote D.o.S Attack in War FTP Daemon 1.70 VulnerabilityI am personnaly not able to reproduce this on my computer. I was using the program on the same computer that war-ftpd is. It's a Pentium 200 with win95b, no firewalls, nothing special. My cable-modem connection was down during the use of the program, but this is because I was flooding myself. After a minute or two, I closed the program and my connection was back and War FTP was ok. Thank You -- [Malartre][malartre () videotron ca]
-- Diving into infinity my consciousness expands in inverse
proportion to my distance from singularity
+-------- ------- ------ ----- ---- --- -- ------ --------+
| Tim Yardley (yardley () uiuc edu)
| http://www.students.uiuc.edu/~yardley/
+-------- ------- ------ ----- ---- --- -- ------ --------+
Current thread:
- Re: Big problem on 2.0.x?, (continued)
- Re: Big problem on 2.0.x? Mike Ireton (Dec 10)
- Re: Big problem on 2.0.x? Stephen White (Dec 11)
- Privacy hole in Go Express Search Alfred Huger (Dec 13)
- Re: Big problem on 2.0.x? Jason Mills (Dec 13)
- [patch] Re: Big problem on 2.0.x? Andrea Arcangeli (Dec 14)
- Local / Remote D.o.S Attack in War FTP Daemon 1.70 Vulnerability Ussr Labs (Dec 13)
- Re: Local / Remote D.o.S Attack in War FTP Daemon 1.70 Vulnerability Malartre (Dec 14)
- Re: Local / Remote D.o.S Attack in War FTP Daemon 1.70 Vulnerability Ussr Labs (Dec 14)
- Re: Local / Remote D.o.S Attack in War FTP Daemon 1.70 Vulnerability Federico - Comnet S.A. (Dec 15)
- Re: Local / Remote D.o.S Attack in War FTP Daemon 1.70Vulnerability ussr secure (Dec 16)
- Re: Local / Remote D.o.S Attack in War FTP Daemon 1.70 Vulnerability Tim (Dec 15)
- Re: Local / Remote D.o.S Attack in War FTP Daemon 1.70 Vulnerability Ussr Labs (Dec 15)
- CERT Advisory CA-99-16 Buffer Overflow in Sun Solstice AdminSuite Daemon sadmind Elias Levy (Dec 14)
- Statement: Local / Remote D.o.S Attack in War FTP Daemon 1.70 Jarle Aase (Dec 16)
- Re: sshd1 allows unencrypted sessions regardless of server policy Michael H. Warfield (Dec 14)
- Re: sshd1 allows unencrypted sessions regardless of server policy Pavel Machek (Dec 14)
- Re: sshd1 allows unencrypted sessions regardless of server policy Joseph Moran (Dec 14)
- Re: sshd1 allows unencrypted sessions regardless of server policy David Schwartz (Dec 15)