|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: jeev (geonap
pacbell.net)Date: Mon Aug 20 2001 - 16:29:30 CDT
Tested on slack 8 with 1.2.2rc3 no problem, and with 1.2.2 no problem:
ftp> ls /../*/../*/../*/../*/../*/../*/../*
200 PORT command successful.
150 Opening ASCII mode data connection for file list.
226-Out of memory during globbing of /../*/../*/../*/../*/../*/../*/../*
226 Transfer complete.
ftp>
j
-----Original Message-----
From: skip [mailto:skipfif3.com]
Sent: Monday, August 20, 2001 1:36 PM
To: bugtraqsecurityfocus.com
Subject: Re: Multiple-Vendor-FTP-Vuln. (old?)
I just tested on Slackware 8 running ProFTPD Version 1.2.1
and no bug... or at least I received the directory listings and no
great CPU load was seen nor did my system hang. Tested via
localhost and a remote host.
---- - skip ---- - p.s. we sincerely apologize to all platypus enthusiasts out - there who are offended by that thoughtless comment about - the platypi. we love the noble platypus, and it is not our - intention to slight these stupid creatures in any way. ----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]