Date: Fri, 12 Sep 1997 12:58:15 -0500
From: Wm Brian McCane <root@bmccane.uit.net>
To: Tom <tom@sdf.com>
Cc: Kenny Hanson <khanson@pdspc.com>, "'Josef Karthauser'" <joe@pavilion.net>, "FreeBSD Hackers (E-mail)" <freebsd-hackers@FreeBSD.ORG>
Subject: Re: FTP compromise.
Message-ID: <199709121758.MAA20154@bmccane.uit.net>
In-Reply-To: Your message of "Tue, 09 Sep 1997 09:58:44 PDT." <Pine.BSF.3.95q.970909095709.26597B-100000@misery.sdf.com>
> On Tue, 9 Sep 1997, Kenny Hanson wrote:
>
> > I just successfully shot my cpu utilization up to 100% without any hopes
> > of seeing it come down. I had to kill the ftp process before the system
> > returned to a normal state. This is definitely D.O.S... anybody out
> > there have any ideas on how to eradicate this? I ran this for 15 minutes
> > before
>
> Don't use wu-ftpd? The stock ftpd has lots of new features now, and can
> also have a builtin ls, which gives it a perf boost over wu-ftpd.
>
> Also, it doesn't say which version of wu-ftpd was used. I know there
> are new versions from academ.
>
> Tom

Actually, there is a simple/logical fix to this. They should not allow '/../' after any `valid' information is placed in a path. i.e. they should allow:

../../../../../*

but NOT

../*/../../../*

brian
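The rule Brian proposes, written out as an added example (not code from this thread or from any ftpd): a constructed C check that accepts a path whose ".." components all sit before the first named component, so "../../../../../*" passes and "../*/../../../*" is rejected; "*" and other names count as named components, "." and empty components are ignored. The function name and the treatment of "." are my own assumptions.

```c
/* Constructed example: reject ".." once a named path component has been seen. */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Returns true when every ".." component precedes the first named component.
 * A "named" component is anything other than "", "." or ".." (so "*" counts). */
bool dotdot_only_at_front(const char *path)
{
    bool seen_named = false;
    const char *p = path;

    for (;;) {
        const char *slash = strchr(p, '/');
        size_t len = slash ? (size_t)(slash - p) : strlen(p);

        if (len == 2 && p[0] == '.' && p[1] == '.') {
            if (seen_named)
                return false;          /* ".." after real information: reject */
        } else if (len > 0 && !(len == 1 && p[0] == '.')) {
            seen_named = true;         /* a real name or a glob pattern */
        }

        if (slash == NULL)
            return true;
        p = slash + 1;
    }
}

int main(void)
{
    /* Constructed sample paths: the two from the message plus a few more. */
    const char *samples[] = {
        "../../../../../*", "../*/../../../*", "pub/../../etc",
        "../pub/file", "./../README", "/../..",
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-20s %s\n", samples[i],
               dotdot_only_at_front(samples[i]) ? "allowed" : "rejected");
    return 0;
}
```

The check is meant to run on the client-supplied argument before any glob expansion takes place, which is where the pattern in the message does its damage.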