Security Incidents mailing list archives

Re: Am I Hacked??

From: noel () KOETHE NET (Noel Koethe)
Date: Mon, 15 May 2000 23:37:38 +0200


On Mon, 15 May 2000, dorqus wrote:

There are buffer overflows in older versions of proFTPD.
Be sure you are running 1.0pre9 or later (I think pre10 is the latest)


1.2.0pre10

see http://www.proftpd.net/

May  8 02:34:19 ns proftpd[22670]: FTP session opened: stock/users 202.79.159.5[
202.79.159.5]
May  8 02:38:16 ns proftpd[22687]: FTP session opened: stock/users ns.3dbot.com[
211.32.116.200]
May  8 02:38:18 ns proftpd[22687]: reallocating sreaddir buffer from 2816 bytes
to 5632 bytes.
May  8 02:38:20 ns proftpd[22687]: reallocating sreaddir buffer from 1280 bytes
to 2560 bytes.
May  8 02:38:23 ns proftpd[22687]: reallocating sreaddir buffer from 2304 bytes
to 4608 bytes.
May  8 02:38:28 ns proftpd[22687]: reallocating sreaddir buffer from 1792 bytes
to 3584 bytes.
May  8 02:38:29 ns proftpd[22687]: reallocating sreaddir buffer from 2816 bytes
to 5632 bytes.
May  8 02:38:32 ns proftpd[22687]: Warning, attempt to overflow internal ProFTPD
 buffers.
May  8 02:38:49 ns last message repeated 20457 times



--
Noel Koethe
                                                        www.kernelnotes.de

Current thread:

Am I Hacked?? ֲקֱײַ (May 11)
- Re: Am I Hacked?? dorqus (May 15)
  - Re: Am I Hacked?? Noel Koethe (May 15)
- Bugtraq Stats for the last 3 years available now. Alfred Huger (May 15)
- <Possible follow-ups>
- Re: Am I Hacked?? Fernando Cardoso (May 15)