> -Original Message-
> From: Marcelo Drudi Miranda [mailto:[EMAIL PROTECTED]
> Sent: 26. svibanj 2001 4:49
> To: debian-security@lists.debian.org
> Subject: Re: proftpd exploit??
>
>
> Em Thu, 24 May 2001 20:34:56 +0200
> Matthias Richter <[EMAIL PROT
> -Original Message-
> From: Marcelo Drudi Miranda [mailto:[EMAIL PROTECTED]]
> Sent: 26. svibanj 2001 4:49
> To: [EMAIL PROTECTED]
> Subject: Re: proftpd exploit??
>
>
> Em Thu, 24 May 2001 20:34:56 +0200
> Matthias Richter <[EMAIL PROTECTED]> escrev
[EMAIL PROTECTED] writes:
> Ok. I think that this thing is considered a DoS attack...
> This "attack" can be turned off adding the following line to the
> configuration file (- proftpd.conf -):
[EMAIL PROTECTED]:/var/log $grep ^ftp /etc/security/limits.conf
ftp hardrss
[EMAIL PROTECTED] writes:
> Ok. I think that this thing is considered a DoS attack...
> This "attack" can be turned off adding the following line to the
> configuration file (- proftpd.conf -):
[weikusat@karfinux]:/var/log $grep ^ftp /etc/security/limits.conf
ftp hardrss
On Sat, May 26, 2001 at 02:49:02AM +, Marcelo Drudi Miranda wrote:
> Em Thu, 24 May 2001 20:34:56 +0200
> Matthias Richter <[EMAIL PROTECTED]> escreveu:
>
> > Andres Herrera wrote on Thu May 24, 2001 at 07:43:50PM:
> > [proftpd exploit ls ../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../]
On Sat, May 26, 2001 at 02:49:02AM +, Marcelo Drudi Miranda wrote:
> Em Thu, 24 May 2001 20:34:56 +0200
> Matthias Richter <[EMAIL PROTECTED]> escreveu:
>
> > Andres Herrera wrote on Thu May 24, 2001 at 07:43:50PM:
> > [proftpd exploit ls ../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../]
Matthias Richter wrote:
>
> Marcelo Drudi Miranda wrote on Sat May 26, 2001 at 02:49:02AM:
> > Matthias Richter <[EMAIL PROTECTED]> escreveu:
> >
> > > Andres Herrera wrote on Thu May 24, 2001 at 07:43:50PM:
> > > [proftpd exploit ls ../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../]
> > > > A
Marcelo Drudi Miranda wrote on Sat May 26, 2001 at 02:49:02AM:
> Matthias Richter <[EMAIL PROTECTED]> escreveu:
>
> > Andres Herrera wrote on Thu May 24, 2001 at 07:43:50PM:
> > [proftpd exploit ls ../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../]
> > > Any solution??
> >
>
> This is a expl
Em Thu, 24 May 2001 20:34:56 +0200
Matthias Richter <[EMAIL PROTECTED]> escreveu:
> Andres Herrera wrote on Thu May 24, 2001 at 07:43:50PM:
> [proftpd exploit ls ../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../]
> > Any solution??
>
This is a exploit or a Dos atack?
--
__
Matthias Richter wrote:
>
> Marcelo Drudi Miranda wrote on Sat May 26, 2001 at 02:49:02AM:
> > Matthias Richter <[EMAIL PROTECTED]> escreveu:
> >
> > > Andres Herrera wrote on Thu May 24, 2001 at 07:43:50PM:
> > > [proftpd exploit ls ../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../]
> > > >
Marcelo Drudi Miranda wrote on Sat May 26, 2001 at 02:49:02AM:
> Matthias Richter <[EMAIL PROTECTED]> escreveu:
>
> > Andres Herrera wrote on Thu May 24, 2001 at 07:43:50PM:
> > [proftpd exploit ls ../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../]
> > > Any solution??
> >
>
> This is a exp
Em Thu, 24 May 2001 20:34:56 +0200
Matthias Richter <[EMAIL PROTECTED]> escreveu:
> Andres Herrera wrote on Thu May 24, 2001 at 07:43:50PM:
> [proftpd exploit ls ../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../]
> > Any solution??
>
This is a exploit or a Dos atack?
--
_
Hi!!
Thanks to everybody (and sorry for my english 0:) )
I've choosed the DenyFilter option and everything goes OK again :- The user
just get and "Forbidden command argument" message.
... and certainly I'm subcribing my account to the proftpd mailing list ;-)
Thanks again
--
101 Things you
Zak Kipling wrote:
>
> On Thu, 24 May 2001, Andres Herrera wrote:
>
> > I've tried to exploit it by login and sending:
> > ls ../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../
> > and suddenly it began eating memory and getting slow all the system.
> ...
> > Any solution??
>
> Resource limit
Zak Kipling wrote:
> On Thu, 24 May 2001, Andres Herrera wrote:
>
> > I've tried to exploit it by login and sending:
> > ls ../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../
> > and suddenly it began eating memory and getting slow all the system.
> ...
> > Any solution??
>
> Resource limits
There was a discussion on this on the proftpd mailing list. Go to
www.proftpd.org and check the archives. If I can dredge the answer up from
old saved email I'll post here. You might also want to join that mailing
list for help on this and future issues.
At 07:15 PM 5/24/2001 +0100, Zak K
On Thu, May 24, 2001 at 07:43:50PM +0200, Andres Herrera wrote:
> Hi!!
>
> I have Potato in a machine, with
>
> ii proftpd1.2.0pre10-2.0 Versatile, virtual-hosting FTP daemon
>
> It's the last version in security.debian.org
>
> I've tried to exploit it by login and sending:
>
> ls ..
Andres Herrera wrote on Thu May 24, 2001 at 07:43:50PM:
[proftpd exploit ls ../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../]
> Any solution??
There was mentioned a suggested entry (ment as an intermediate solution
until proftpd has been fixed) to /etc/proftpd.conf:
DenyFilter \*.*/
hth,
Ma
On Thu, 24 May 2001, Andres Herrera wrote:
> I've tried to exploit it by login and sending:
> ls ../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../
> and suddenly it began eating memory and getting slow all the system.
...
> Any solution??
Resource limits on the ftp server process?
Zak.
Hi!!
Thanks to everybody (and sorry for my english 0:) )
I've choosed the DenyFilter option and everything goes OK again :- The user
just get and "Forbidden command argument" message.
... and certainly I'm subcribing my account to the proftpd mailing list ;-)
Thanks again
--
101 Things yo
Zak Kipling wrote:
>
> On Thu, 24 May 2001, Andres Herrera wrote:
>
> > I've tried to exploit it by login and sending:
> > ls ../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../
> > and suddenly it began eating memory and getting slow all the system.
> ...
> > Any solution??
>
> Resource limi
On Thu, May 24, 2001 at 07:43:50PM +0200, Andres Herrera wrote:
> Hi!!
>
> I have Potato in a machine, with
>
> ii proftpd1.2.0pre10-2.0 Versatile, virtual-hosting FTP daemon
>
> It's the last version in security.debian.org
>
> I've tried to exploit it by login and sending:
>
> ls .
Andres Herrera wrote on Thu May 24, 2001 at 07:43:50PM:
[proftpd exploit ls ../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../]
> Any solution??
There was mentioned a suggested entry (ment as an intermediate solution
until proftpd has been fixed) to /etc/proftpd.conf:
DenyFilter \*.*/
hth,
M
On Thu, 24 May 2001, Andres Herrera wrote:
> I've tried to exploit it by login and sending:
> ls ../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../
> and suddenly it began eating memory and getting slow all the system.
...
> Any solution??
Resource limits on the ftp server process?
Zak.
--
24 matches
Mail list logo