Re: proftpd exploit??

To: debian-security@lists.debian.org
Subject: Re: proftpd exploit??
From: Rainer Weikusat <weikusat@mail.uni-mainz.de>
Date: 27 May 2001 08:36:43 +0200
Message-id: <87u227xpqc.fsf@winter.inter-i.uni-mainz.de>
In-reply-to: yoros@terra.es's message of "Sat, 26 May 2001 17:11:56 +0200"
References: <20010524194350.A732@central.casita> <20010524203456.A18569@a184107.studnetz.uni-leipzig.de> <20010526024902.7b446c93.drudis@terra.com.br> <20010526171156.A7076@morpheus.matrix.com>

yoros@terra.es writes:
> Ok. I think that this thing is considered a DoS attack...
> This "attack" can be turned off adding the following line to the
> configuration file (- proftpd.conf -):

[weikusat@karfinux]:/var/log $grep ^ftp /etc/security/limits.conf  
ftp             hard    rss             8192

Even with proftpd's broken PAM support, this will work, 'cos it at
least calls pam_session* (which in turn calls closelog(3)...)

> Thanks to "proftpd",

which someone from South Corea segfaulted for hours on end a while
ago. Since then, we are running a modified linux-ftpd...

-- 
SIGSTOP

Reply to:

References:
- proftpd exploit??
  - From: Andres Herrera <aherrerm@escomposlinux.org>
- Re: proftpd exploit??
  - From: Matthias Richter <matthias@vielfalt.de>
- Re: proftpd exploit??
  - From: Marcelo Drudi Miranda <drudis@terra.com.br>
- Re: proftpd exploit??
  - From: yoros@terra.es

Prev by Date: Re: X & tcp listening
Next by Date: port 812
Previous by thread: Re: proftpd exploit??
Next by thread: RE: proftpd exploit??
Index(es):
- Date
- Thread