Re: WU-FTPD 2.6.2 Freezer

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: WU-FTPD 2.6.2 Freezer
From: Luca Berra <bluca@xxxxxxxxxx>
Date: Sat, 1 Nov 2003 15:47:36 +0100
In-reply-to: <20031031194044.GD27612@xxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mail-followup-to: bugtraq@xxxxxxxxxxxxxxxxx
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <20031031145543.19772.qmail@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> <20031031194044.GD27612@xxxxxxxxx>
User-agent: Mutt/1.4.1i

On Fri, Oct 31, 2003 at 11:40:44AM -0800, Seth Arnold wrote:

On Fri, Oct 31, 2003 at 02:55:43PM -0000, Angelo Rosiello wrote:

        for( i=0; i<loop; i++ )
        {
                write( sd, "LIST -w 1000000 -C\n", 19 );
        }


It is probably worth pointing out that it is FSF ls(1) at fault here;
wu-ftpd just provides a convenient way for potentially unauthenticated
users to DoS the machine. If your OS supports rlimits (ulimit(3)), I
believe they will provide reliable protection against this problem.


it might be also worth noting that wu-ftpd can be rebuilt with internal
ls code.

regards,
L.

--
Luca Berra -- bluca@xxxxxxxxxx
       Communication Media & Services S.r.l.
/"\
\ /     ASCII RIBBON CAMPAIGN
 X        AGAINST HTML MAIL
/ \

References:
- WU-FTPD 2.6.2 Freezer
  - From: Angelo Rosiello
- Re: WU-FTPD 2.6.2 Freezer
  - From: Seth Arnold

Prev by Date: Immunix Secured OS 7+ fileutils update
Next by Date: BRS WebWeaver 1.06 remote DoS vulnerability
Previous by thread: Re: WU-FTPD 2.6.2 Freezer
Next by thread: Re: WU-FTPD 2.6.2 Freezer
Index(es):
- Date
- Thread