proftpd exploit??

To: debian-security@lists.debian.org
Subject: proftpd exploit??
From: Andres Herrera <aherrerm@escomposlinux.org>
Date: Thu, 24 May 2001 19:43:50 +0200
Message-id: <20010524194350.A732@central.casita>

Hi!!

I have Potato in a machine, with 

ii  proftpd        1.2.0pre10-2.0 Versatile, virtual-hosting FTP daemon

It's the last version in security.debian.org

I've tried to exploit it by login and sending:

ls ../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../

and suddenly it began eating memory and getting slow all the system.

When I killed proftpd, system was almost KO.

Any solution??

Thanks in advance :-)
--
101 Things you do NOT want your System Administrator to say.
 93. We don't support that. We won't support that.
----------------------------------------------------------------------
Cagarruta <aherrerm@escomposlinux.org>
Linux Reg. User #66054
----------------------------------------------------------------------

Reply to:

Follow-Ups:
- Re: proftpd exploit??
  - From: Zak Kipling <zk201@cam.ac.uk>
- Re: proftpd exploit??
  - From: Matthias Richter <matthias@vielfalt.de>
- Re: proftpd exploit??
  - From: Sven Hoexter <sven@telelev.net>

Prev by Date: Re: Problem with logging firewall packets
Next by Date: Re: proftpd exploit??
Previous by thread: Re: Problem with logging firewall packets
Next by thread: Re: proftpd exploit??
Index(es):
- Date
- Thread