Bugtraq mailing list archives
Re: Multiple-Vendor-FTP-Vuln. (old?)
From: Roman Drahtmueller <draht () suse de>
Date: Tue, 21 Aug 2001 01:40:30 +0200 (MEST)
> I tested an old proftpd bug (ls /../*/../*/../*/../*/../*/../*/../*) on
> many new Linux distributions. When a user logs in via ftp and types the
> ls command, in.ftpd takes over 90 percent CPU usage; execute the
> command 2 or 3x and the full system hangs up. It also works in the
> console. I wonder why that is not fixed. THIS BUG IS OLD. POSTED ON
> BUGTRAQ in March 01, but it still works so I post it again.
>
> affected:
> RedHat Linux 7.x
> Linux Mandrake 8.0
> SuSE Linux 7.2
I wonder when or where you tested this. The proftpd packages that can be found in the /pub/suse/<arch>/update/*/n1/ directories on ftp.suse.com (age: May 9th) do not show this behaviour and appear to be sane.

[...]
> Fix: set cpu-limit for your anonymous user.
I doubt that this solution is very efficient if you provide an automatic gzip (and maybe tar) service so that your users can get a directory recursively in the form of a tarfile by using the command

  get directory_name.tar.gz

You'd have to choose...

Also recommended: DenyFilter "%"
If there are more format string errors in the code, this might be an easy workaround until the code is fixed in the right place.

Roman.

-- 
| Roman Drahtmüller      <draht () suse de> //         "Caution: Cape does
| SuSE GmbH - Security           Phone: //       not enable user to fly."
| Nürnberg, Germany      +49-911-740530 //  (Batman Costume warning label)
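Added example, not code from this thread or from proftpd: a small Python model of why the reported pattern is expensive (every "*" can match every directory entry and every "/.." walks back to the same directory, so the work is exponential in the number of wildcard components) and of a pre-expansion guard a server could apply alongside a CPU limit. Names such as `guarded_glob`, `is_acceptable` and `PAGE_PATTERN` are this example's own, and the temporary directory tree it builds is constructed.

```python
import glob
import os
import tempfile

# The pattern from the report, copied here as the example's sample input.
PAGE_PATTERN = "/../*/../*/../*/../*/../*/../*/../*"

def wildcard_components(pattern):
    """Count path components that contain a glob metacharacter."""
    return sum(1 for c in pattern.split("/") if any(ch in c for ch in "*?["))

def expansion_bound(pattern, entries_per_dir):
    """Upper bound on candidate paths the server must visit: each '*' may
    match every entry and each '/..' returns to the same directory, so the
    work grows as entries_per_dir ** (number of wildcard components)."""
    return entries_per_dir ** wildcard_components(pattern)

def is_acceptable(pattern, max_wildcards=2):
    """Hypothetical pre-expansion guard: bound the wildcard components."""
    return wildcard_components(pattern) <= max_wildcards

def guarded_glob(root, pattern, max_wildcards=2):
    """Expand pattern beneath root (standing in for the FTP chroot) only if
    the guard accepts it.  Inside a chroot '/..' is '/' itself, so leading
    '..' components are dropped rather than allowed to escape root."""
    if not is_acceptable(pattern, max_wildcards):
        raise ValueError("refusing pattern with %d wildcard components"
                         % wildcard_components(pattern))
    parts = [p for p in pattern.split("/") if p]
    while parts and parts[0] == "..":
        parts.pop(0)
    return glob.glob(os.path.join(root, *parts))

def make_fixture(subdirs=3):
    """Constructed tree: a temp root holding a few empty subdirectories."""
    root = tempfile.mkdtemp(prefix="globdos-")
    for name in "abcdefghij"[:subdirs]:
        os.mkdir(os.path.join(root, name))
    return root

def measured_growth(subdirs=3, max_depth=4):
    """Actual match counts for '*', '*/../*', '*/../*/../*', ... beneath
    a fixture with `subdirs` entries: [3, 9, 27, 81] for three subdirs."""
    root = make_fixture(subdirs)
    return [len(glob.glob(os.path.join(root, "/../".join(["*"] * d))))
            for d in range(1, max_depth + 1)]
```

With 50 entries per directory, `expansion_bound(PAGE_PATTERN, 50)` already reaches 50 to the power of the pattern's wildcard count, which is why a single `ls` is enough to pin the CPU.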