> Within the last few hours it's become clear theres a simple DoS in
> Cobalt's FTPd which causes the RaQ (2/3/4i) to shoot to 100% cpu load.
> Repeat the steps a few times (takes minutes to do) and the RaQ completely
> stops responding (well, it becomes so lagged its completely unusable at
> any rate), and you have to hit the reset switch.
There is now a published workaround which I've tested on both RaQ3'sand
RaQ4's:
http://bugs.proftpd.org/show_bug.cgi?id=1066
Basically, you need to add the follwing filter to your /etc/proftpd.conf
file with the <Global></Global> directive:
DenyFilter \*.*/
Don't forget to restart inetd too:
/etc/rc.d/init.d/inet restart
Regards,
Jonathan Michaelson
_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security
