
[cobalt-security] FTPD DoS



Hi,

Within the last few hours it's become clear there's a simple DoS in
Cobalt's FTPd which causes the RaQ (2/3/4i) to shoot to 100% CPU load.
Repeat the steps a few times (takes minutes to do) and the RaQ completely
stops responding (well, it becomes so lagged it's completely unusable at
any rate), and you have to hit the reset switch.

The exact steps to reproduce the problem have been published on bugtraq.
The proftpd dev team are working on a fix - presuming Cobalt keep up their
excellent patch response time of late, expect a patch sometime soonish.

This one is so easy to do a kid with a copy of Windows 95 ftp.exe can do
it, and it takes down just about any RaQ, so make sure you install
relevant patches when they are made available.

For those interested, the problem appears to affect many different FTPds -
for example it is reproducible on all NT4/5 boxes running MS's FTPD.

Regards,
Gossi.