Vulnerability Development mailing list archives
Re: ProFTPD 1.2.2rc2 DoS
From: Daniel Roesen <dr () cluenet de>
Date: Mon, 4 Jun 2001 02:00:54 +0200
On Sun, Jun 03, 2001 at 10:53:34PM +0000, Daniel wrote:
> I've discovered that ProFTPD 1.2.2rc2 has a bug - each instance of the daemon can be crashed remotely:

In which regard is that to be considered a DoS? You are shooting only your own session.

> This happens when the PASS command is received before the USER command:
>
> box:~# telnet 127.0.0.1 21
> Trying 127.0.0.1...
> Connected to 127.0.0.1.
> Escape character is '^]'.
> 220 ProFTPD 1.2.2rc2 Server (ProFTPD Default Installation) [box.xxx.com]
> pass
> Connection closed by foreign host.
> box:~#
>
> If you run proftpd -d 5, (debug mode, level 5) in the logs you see:
>
> box.xxx.com (localhost[127.0.0.1]) - FTP session opened.
> box.xxx.com (localhost[127.0.0.1]) - received: PASS (hidden)
> box.xxx.com (localhost[127.0.0.1]) - ProFTPD terminating (signal 11)

I cannot reproduce that here:

Connected to localhost (127.0.0.1).
Escape character is '^]'.
220 ProFTPD 1.2.2rc2 Server (ProFTPD Default Installation) [localhost]
pass
503 Login with USER first.
pass foo
503 Login with USER first.

Logging:

localhost (localhost[127.0.0.1]) - FTP session opened.
localhost (localhost[127.0.0.1]) - received: PASS (hidden)
localhost (localhost[127.0.0.1]) - received: PASS (hidden)

<sarcasm> Thanks for not mailing security () proftpd org btw... </sarcasm>

Regards,
Daniel (dr () proftpd org)
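Added example, not part of the original posts or of ProFTPD: a log check that separates the two outcomes reported in this thread, a PASS received before USER that ends with the session process terminating on a signal versus one that is simply rejected. The sample log is constructed from the debug lines quoted above; the `received: USER ...` line format and the function name `find_pass_before_user` are assumptions.

```python
import re

# Constructed sample in the format of the `proftpd -d 5` lines quoted in the thread.
# The "received: USER ..." line is an assumed format; the thread shows only PASS lines.
SAMPLE_LOG = """\
box.xxx.com (localhost[127.0.0.1]) - FTP session opened.
box.xxx.com (localhost[127.0.0.1]) - received: PASS (hidden)
box.xxx.com (localhost[127.0.0.1]) - ProFTPD terminating (signal 11)
box.xxx.com (client[192.0.2.10]) - FTP session opened.
box.xxx.com (client[192.0.2.10]) - received: USER alice
box.xxx.com (client[192.0.2.10]) - received: PASS (hidden)
localhost (localhost[127.0.0.1]) - FTP session opened.
localhost (localhost[127.0.0.1]) - received: PASS (hidden)
localhost (localhost[127.0.0.1]) - received: PASS (hidden)
"""

LINE = re.compile(r"^(?P<server>\S+) \((?P<peer>[^)]*)\) - (?P<msg>.*)$")
SIGNAL = re.compile(r"ProFTPD terminating \(signal (\d+)\)")

def find_pass_before_user(log_text):
    """Return one finding per session in which PASS arrived before any USER."""
    sessions = {}   # (server, peer) -> state of the most recently opened session
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        m = LINE.match(line.strip())
        if not m:
            continue  # not a session log line
        key = (m["server"], m["peer"])
        msg = m["msg"]
        if msg.startswith("FTP session opened"):
            sessions[key] = {"user_seen": False, "finding": None}
            continue
        state = sessions.setdefault(key, {"user_seen": False, "finding": None})
        if msg.startswith("received: USER"):
            state["user_seen"] = True
        elif msg.startswith("received: PASS") and not state["user_seen"]:
            if state["finding"] is None:
                state["finding"] = {"server": key[0], "peer": key[1], "line": lineno, "early_pass": 0, "signal": None}
                findings.append(state["finding"])
            state["finding"]["early_pass"] += 1
        else:
            sig = SIGNAL.search(msg)
            if sig and state["finding"]:
                state["finding"]["signal"] = int(sig.group(1))  # crash followed the early PASS
    return findings

if __name__ == "__main__":
    for f in find_pass_before_user(SAMPLE_LOG):
        print(f)
```

A finding with `signal` set matches the crash in the original report; one with `signal` left as `None` matches the reply, where the server stayed up after the early PASS.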
Current thread:
- ProFTPD 1.2.2rc2 DoS Daniel (Jun 03)
- Re: ProFTPD 1.2.2rc2 DoS Daniel Roesen (Jun 03)
- Re: ProFTPD 1.2.2rc2 DoS Kurth Bemis (Jun 04)
- Odp: ProFTPD 1.2.2rc2 DoS ma (Jun 04)