Home page logo
/

bugtraq logo Bugtraq mailing list archives

FTP DoS - PORT and PASV effected.
From: avalon () COOMBS ANU EDU AU (Darren Reed)
Date: Wed, 8 Dec 1999 08:19:41 +1100


In some mail from Renaud Deraison, sie said:

On Tue, 7 Dec 1999, Darren Reed wrote:

Who has more free file descriptors & network ports, you or the ftp server ?


The attack you are describing is not new - this is just a PASV attack,
which has been around for years.

Hopefully, this problem is now solved.
[...]

btw, a similar sort of attack can be mounted using the PORT command.
You just need to setup a local listener, etc, or get the ftp server
to try connect to lots of network 10 sites in < 75 seconds before
TCP connect's start timing out.  I'll leave that as an exercise for
the reader - a correct fix for the PASV problem should fix this one
as well (and the exploit is almost the same too).

Darren


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]