Re: Serv-U 2.5i DoS

[Sommer Ishay <ishaybas () NETVISION NET IL>]

Was the flooding done in remote? if so what was the connection speed between
the 2 computers?
And, is it possible that the resources usage was high due to messages being
printed to console screen of the servu?

Ishay

> -----Original Message-----
> From: VULN-DEV List [mailto:VULN-DEV () SECURITYFOCUS COM]On Behalf Of
> Steven, Bates
> Sent: Sunday, February 25, 2001 4:55 PM
> To: VULN-DEV () SECURITYFOCUS COM
> Subject: Serv-U 2.5i DoS
>
>
> Hi, I think I found another DoS issue in Serv-U 2.5i:
>
> I've downloaded the "Fixed" version of Serv-U yesterday. I
> installed it on one
> of my pc's and started %windir%\RSRCMTR.EXE to see how many
> resources are used
> when I flood it. Then I started to play around with the server:
>
> Ftp> open server
> Connected to server.
> 220 Serv-U FTP-Server v2.5i for WinSock ready...
>
> I coded a little java application which flooded the server
> with 0x00 chars,
> but at least that bug was fixed.
> So I tried other chars and found out, that 0xff was a good choice. The
> application just sends out 0xff chars in a never ending loop
> (I added a
> Counter to see how much chars are needed to block/crash it).
>
>  char nuke=0xff;
>  int Counter=0;
>
>  while(true)
>   {
>    sout.print(nuke);
>    Counter++;
>    if(Counter%10000==0)
>     System.out.println(Counter+" 0xff sent");
>   }
>
>
> I started it, and the resources got lower and lower. When
> about 290000 0xff
> chars were sent, there was a popup (I am sure every Win9x
> user saw it once)
> which said that 90% of the resources were already used, and
> that some programs
> should be closed. I tried to click the "OK" button, but the
> popup did not
> react. I also noticed that the mouse cursor was moving
> strange... I tried to
> login from an other pc:
>
> Ftp>open Server
> Connected to server.
> Connection closed by remote host.
>
> but as you can see, it did not work - the connection closed
> after the timeout.
> Then I stopped the java application with STRG-C, the resource
> icon became
> green, the popup dissappeared (it finally noticed that I had
> clicked on it)
> and the server was working fine again.
>
> While writing this, I was testing the flooder, but after
> seeing the popup on
> the screen, I forgot to stop the flooder. When I finally
> noticed that, I
> stopped it - it had already sent about 2,5 Million 0xff chars
> to the server. I
> tried to connect to the ftpd, but I couldn't - I was connected and
> immediatley(!) disconnected. I tested it again, but this only
> works sometimes,
> i have now idea why.
>
> I do not know why the server acts like this, but this issue
> should really
> should be fixed.
>
> !! THE FLOODER DOES NOT WORK, IF THE SERV-U ICON IS JUST IN
> THE TRAY, YOU NEED
> TO SEE THE LOGGING SCREEN !!
> !! I was only able to repoduce this behaviour on Win95, on
> Win98 it did not
> seem to do anything !!
>
>
> [Craig]
> http://www.HaQuarter.De/