Bugtraq mailing list archives

Re: Memory leakage in proftpd leads to remote DoS


From: Dmitry Alyabyev <dimitry () al org ua>
Date: Wed, 20 Dec 2000 04:29:37 +0200

Tuesday, December 19, 2000, 3:58:03 PM, Wojciech Purczynski wrote:

WP> Proftpd has a memory leakage bug if it executes the SIZE FTP command.
WP> Using 5000 SIZE commands causes proftpd to consume over 300kB of memory.
WP> Exploiting this bug with more SIZE commands gives us a simple DoS attack.
WP> Anonymous access is sufficient to use SIZE commands and to exploit this
WP> bug.

Anyway, anybody could deny the SIZE command as a workaround:
        <Limit SIZE>
               Deny All
        </Limit>
--
Dimitry

