Date: Mon, 20 Jan 2003 21:13:02 -0800 (PST) From: "Crist J. Clark" <cjc@FreeBSD.org> To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/libexec/ftpd ftpd.c Message-ID: <200301210513.h0L5D2DB061636@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
cjc 2003/01/20 21:13:02 PST Modified files: libexec/ftpd ftpd.c Log: The FTP daemon was vulnerable to a DoS where an attacker could bind() up port 20 for an extended period of time and thus lock out all other users from establishing PORT data connections. Don't hold on to the bind() while we loop around waiting to see if we can make our connection. Being a DoS, it has security implications, giving it a short MFC time. MFC after: 1 day Revision Changes Path 1.133 +26 -19 src/libexec/ftpd/ftpd.c To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200301210513.h0L5D2DB061636>