Signature Detail
Short Name |
FTP:PROFTP:SIZE-DOS2 |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
FTP |
Keywords |
ProFTPD Size DoS (Detected by Pathname) |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
FTP: ProFTPD Size DoS (Detected by Pathname)
This signature detects attempts to exploit a known vulnerability in ProFTPD. Version 1.2.0pre* is vulnerable. Attackers can send multiple SIZE requests with a static pathname to create a denial-of-service (DoS) condition.
Extended Description
A memory leak has been reported in all versions of ProFTPd. The SIZE FTP command causes the server to misallocate and leak small amounts of memory each time the command is executed. If a sufficient number of these commands are executed by the server, substantial amounts of system memory can be consumed, allowing a remote attacker to carry out a denial of service attack on the affected host. This could be problematic if anonymous FTP is enabled or if a malicious local user has been supplied with an FTP login ID.
Affected Products
- ProFTPD Project ProFTPD 1.2.0
- ProFTPD Project ProFTPD 1.2.0 Pre1
- ProFTPD Project ProFTPD 1.2.0 Pre11
- ProFTPD Project ProFTPD 1.2.0 Pre2
- ProFTPD Project ProFTPD 1.2.0 Pre3
- ProFTPD Project ProFTPD 1.2.0 Pre4
- ProFTPD Project ProFTPD 1.2.0 Pre5
- ProFTPD Project ProFTPD 1.2.0 Pre6
- ProFTPD Project ProFTPD 1.2.0 Pre7
- ProFTPD Project ProFTPD 1.2.0 Pre8
- ProFTPD Project ProFTPD 1.2.0 Pre9
References
- BugTraq: 2185
- CVE: CVE-2001-0136
- URL: http://www.securityfocus.com/advisories/3102
- URL: http://www.securityfocus.com/advisories/3106