[18322] in bugtraq
Re: Memory leakage in proftpd leads to remote DoS
daemon@ATHENA.MIT.EDU (Wojciech Purczynski)
Fri Dec 22 14:05:10 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.30.0012221339240.22766-100000@alfa.elzabsoft.pl>
Date: Fri, 22 Dec 2000 13:53:01 +0100
Reply-To: Wojciech Purczynski <wp@ELZABSOFT.PL>
From: Wojciech Purczynski <wp@ELZABSOFT.PL>
X-To: tj@RAD.GEOLOGY.WASHINGTON.EDU
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.LNX.4.21.0012201146050.26013-100000@rad.geology.washington.edu>
> The developers of proftpd have tried to confirm this bug, using scripts to
> issue the SIZE command for hundred thousands of iterations, and failed to
> verify that it does indeed exist.
>
> Versions of proftpd tested: pre10, rc1, rc2, and CVS. All failed to show
> symptoms of this memory leak.
I've investigated the problem a little bit more and it seems that this
memory leakage really _exist_ but only if proftpd runs in INETD mode.
If proftpd works as standalone daemon it works fine and does not consume
system memory.
Merry Christmas and Happy New Millenium :)
wp
+--------------------------------------------------------------------+
| Wojciech Purczynski wp@elzabsoft.pl http://www.elzabsoft.pl/~wp |
| GSM: +48604432981 Linux Administrator SMS: wp-sms@elzabsoft.pl |
+------ Public GnuPG Key: http://www.elzabsoft.pl/~wp/gpg.asc ------+
