Date: Sun, 6 Jun 1999 12:55:17 -0500 (CDT) From: Igor Roshchin <igor@physics.uiuc.edu> To: freebsd-security@freebsd.org Subject: Q.: any new ftp vulnerabilities ? Message-ID: <199906061755.MAA03136@alecto.physics.uiuc.edu>
next in thread | raw e-mail | index | archive | help
Hello! I have observed a few occasions when some people were establishing multiple connections to the ftp server within the last week (there is no anonymous access, so it should not be "by mistake"). Usually, the logs do not indicate any attempt of login, even as anonymous. The frequency of connects (reported by tcpwrapper) is not too high, but probably indicated that those are launched by a script (about 25-35 connections within 2-5 minutes). I haven't seen any new security hole or DOS vulnerability in any ftpd recently (except the one found in February or so, regarding the realpath, and some similar issues, but that hole would not require multiple connects), so I wonder if anybody has observed anything similar, and if anybody knows of any new vulnerability ? IgoR PS. The machine is running 2.2.7 and wu-ftpd-2.4.2v17. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199906061755.MAA03136>