Date: Wed, 25 Mar 1998 11:03:34 +1100 From: John Saunders <john.saunders@scitec.com.au> To: freebsd-isp@FreeBSD.ORG Subject: Attack for wuftpd Message-ID: <351849D6.89C7C14@scitec.com.au>
next in thread | raw e-mail | index | archive | help
I was just attacked by somebody issuing a LIST /*/../*/../*/../*/.../*
command which caused ftpd to use up all CPU on the server and thrash
the disk. I have a limit on anonymous ftps so they could only get
several of these going.
Has anybody heard about this, or better yet know of a patch to fix it?
Cheers.
-- +------------------------------------------------------------+
. | John Saunders mailto:John.Saunders@scitec.com.au (Work) |
,--_|\ | mailto:john@nlc.net.au (Home) |
/ Oz \ | http://www.nlc.net.au/~john/ |
\_,--\_/ | SCITEC LIMITED Phone +61 2 9428 9563 Fax +61 2 9428 9933 |
v | "By the time you make ends meet, they move the ends." |
+------------------------------------------------------------+
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?351849D6.89C7C14>