Date: Mon, 4 Feb 2013 23:28:53 +0200 From: Alexandr Kovalenko <never@nevermind.kiev.ua> To: Fabian Wenk <fabian@wenks.ch> Cc: freebsd-security@freebsd.org, freebsd-hubs@freebsd.org Subject: Re: Full-Disclosure posting "FreeBSD 9.1 ftpd Remote Denial of Service" Message-ID: <CAJ2Kz1A-Q_if9ZSjA8DV85jLYWRE99jA-765=3AOkm%2Bbt6SOPg@mail.gmail.com> In-Reply-To: <510FE164.6070502@wenks.ch> References: <510FE164.6070502@wenks.ch>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Feb 4, 2013 at 6:27 PM, Fabian Wenk <fabian@wenks.ch> wrote: > A few days ago there was the posting "FreeBSD 9.1 ftpd Remote Denial of > Service" [1] on the Full-Disclosure mailing list. Is this a known issue to > the FreeBSD community? > > [1] > http://lists.grok.org.uk/pipermail/full-disclosure/2013-February/089583.html > > There are also many ftp.*.freebsd.org mirrors listed in the above mention > posting, so I also put freebsd-hubs@ into the recipient list. This will > probably help, that ftp mirror operators are alerted and can take any action > if needed. I can confirm this is an issue on stable/9 r245742. Though I hardly can call it DoS as normally ftp account is running with well-defined ulimits and proper ftpd usage pattern does not generate much CPU usage, so you can keep limits pretty much low, thus not being affected by so-called "DoS". Nevertheless any ideas on how to fix our glob(3)? Regards, Alexandr.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAJ2Kz1A-Q_if9ZSjA8DV85jLYWRE99jA-765=3AOkm%2Bbt6SOPg>