Bugtraq mailing list archives
Re: Bug in scp v3.0.1
From: Matt Forrest <mforrest () scs ryerson ca>
Date: Wed, 31 Oct 2001 15:53:47 -0500 (EST)
Try using the sftp client. All you have to do is to connect to the machine and sshd2 want to eat all available CPU cycles. I haven't looked at the source yet, but after attaching to a process, it looks like the daemon is sitting in a tight loop calling poll(). I'd think that a well placed select() call might solve the problem. On Wed, 31 Oct 2001, Jonathan A. Zdziarski wrote:
Date: Wed, 31 Oct 2001 00:18:47 -0500 From: Jonathan A. Zdziarski <jonathan () cafejesus com> To: bugtraq () securityfocus com Subject: Bug in scp v3.0.1 I was scp'ing a 2MB file to my home computer over a DSL line and just happened to run top at the same time. I immediately noticed this line: 13864 root 1 30 0 2884K 1744K run 0:38 42.00% sshd2 It appears that scp'ing a file over a slow connection causes the process to suck up a huge number of resources. There's most likely no usleep() somewhere it's needed. A couple scp's over slow connections could severely degrade the boxes performance. This test was performed on a Solaris 8_x86 machine.
mATT ************************************************************************* A neurotic worries about going crazy, but never will A psychotic IS crazy, but doesn't worry about it! ....... Don't worry, be happy!!! >:} *************************************************************************
Current thread:
- Re: Bug in scp v3.0.1 Matt Forrest (Oct 31)
- <Possible follow-ups>
- Re: Bug in scp v3.0.1 Brad Arlt (Oct 31)
- Re: Bug in scp v3.0.1 Nate Eldredge (Oct 31)
- RE: Bug in scp v3.0.1 Jonathan A. Zdziarski (Oct 31)