Bugtraq mailing list archives
RE: Multiple-Vendor-FTP-Vuln. (old?)
From: jeev <geonap () pacbell net>
Date: Mon, 20 Aug 2001 14:29:30 -0700
Tested on slack 8 with 1.2.2rc3 no problem, and with 1.2.2 no problem: ftp> ls /../*/../*/../*/../*/../*/../*/../* 200 PORT command successful. 150 Opening ASCII mode data connection for file list. 226-Out of memory during globbing of /../*/../*/../*/../*/../*/../*/../* 226 Transfer complete. ftp> j -----Original Message----- From: skip [mailto:skip () fif3 com] Sent: Monday, August 20, 2001 1:36 PM To: bugtraq () securityfocus com Subject: Re: Multiple-Vendor-FTP-Vuln. (old?) I just tested on Slackware 8 running ProFTPD Version 1.2.1 and no bug... or at least I received the directory listings and no great CPU load was seen nor did my system hang. Tested via localhost and a remote host. ---- - skip ---- - p.s. we sincerely apologize to all platypus enthusiasts out - there who are offended by that thoughtless comment about - the platypi. we love the noble platypus, and it is not our - intention to slight these stupid creatures in any way. ----
Current thread:
- Multiple-Vendor-FTP-Vuln. (old?) Enrico Kern (Aug 20)
- Re: Multiple-Vendor-FTP-Vuln. (old?) skip (Aug 20)
- RE: Multiple-Vendor-FTP-Vuln. (old?) jeev (Aug 20)
- Re: Multiple-Vendor-FTP-Vuln. (old?) Scott Dier (Aug 20)
- RE: Multiple-Vendor-FTP-Vuln. (old?) Mike Jakubik (Aug 20)
- Re: Multiple-Vendor-FTP-Vuln. (old?) Bernhard Rosenkraenzer (Aug 20)
- Re: Multiple-Vendor-FTP-Vuln. (old?) Roman Drahtmueller (Aug 20)
- Re: Multiple-Vendor-FTP-Vuln. (old?) Dmitriy Kropivnitskiy (Aug 21)
- <Possible follow-ups>
- Re: Multiple-Vendor-FTP-Vuln. (old?) Michael Faurot (Aug 20)
- Re: Multiple-Vendor-FTP-Vuln. (old?) Robert van der Meulen (Aug 20)
- RE: Multiple-Vendor-FTP-Vuln. (old?) E. van Elk (Aug 20)
- RE: Multiple-Vendor-FTP-Vuln. (old?) Michael Bellears (Aug 20)
- Re: Multiple-Vendor-FTP-Vuln. (old?) Michael Faurot (Aug 20)
- Re: Multiple-Vendor-FTP-Vuln. (old?) skip (Aug 20)