bug-glibc

DoS due to GNU globbing functions


From: Rob klein Gunnewiek
Subject: DoS due to GNU globbing functions
Date: Thu, 12 Dec 2002 18:36:09 +0100 (MET)

Hello,

I discovered a DoS vulnerability in ProFTPD 1.2.5 and 1.2.7rc3 which use
the GLIBC globbing functions.
TJ Saunders pointed out to me that the DoS vulnerability was caused by the
globbing functions in GLIBC used by ProFTPD, which makes this
vulnerability likely to exist in other software as well.

The method used was:

STAT /*/*/*/*/*/*/*
or
LIST /*/*/*/*/*/*/*

Note: this method seems to be different than:

LIST ../*/../*/../*/../*

and the like vulnerabilities reported a while ago.

I have only tested this against Slackware 8.1 default install + ProFTPD
v1.2.4 and 1.2.7rc3.

Rob.
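
One way a server could bound this cost before handing a client-supplied pattern to glob(), shown as an added example that is not part of the original message and is not ProFTPD or glibc code. The names count_wild_components, bounded_glob and the MAX_WILD_COMPONENTS limit are assumptions made for the example.

```c
#include <glob.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Assumed policy limit for this example: how many path components
 * of one pattern may contain a wildcard. */
#define MAX_WILD_COMPONENTS 3

/* Count '/'-separated components holding an unescaped glob metacharacter
 * (*, ?, [). Every such component makes glob() read each directory matched
 * so far, so the work multiplies with each one. '[' is counted
 * conservatively, even if it is never closed. */
static size_t count_wild_components(const char *pattern)
{
    size_t count = 0;
    bool wild = false;

    for (const char *p = pattern; ; p++) {
        if (*p == '/' || *p == '\0') {
            if (wild)
                count++;
            wild = false;
            if (*p == '\0')
                break;
        } else if (*p == '\\' && p[1] != '\0' && p[1] != '/') {
            p++;                      /* escaped character is literal */
        } else if (*p == '*' || *p == '?' || *p == '[') {
            wild = true;
        }
    }
    return count;
}

/* Returns -1 if policy refuses the pattern, otherwise glob()'s own result
 * (0 on success; the caller then owns *out and must globfree() it). */
static int bounded_glob(const char *pattern, glob_t *out)
{
    if (count_wild_components(pattern) > MAX_WILD_COMPONENTS)
        return -1;
    return glob(pattern, GLOB_NOSORT, NULL, out);
}

int main(void)
{
    glob_t g;
    int rc = bounded_glob("/*/*/*/*/*/*/*", &g);   /* pattern from the report */
    printf("%s\n", rc == -1 ? "refused by policy" : "passed to glob()");
    return 0;
}
```

A component cap limits how deep the expansion can fan out; it does not cap how many entries a single wide directory returns, so a result-count or time limit is still needed alongside it.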