FTP: Globbing Denial of Service
This signature detects attempts to exploit a known vulnerability against ProFTPD, Microsoft IIS and other FTP servers. Due to inadequate globbing algorithms, attackers can send wildcards in the argument of a maliciously crafted command to create a denial of service on the server.
Extended Description
Many FTP servers are vulnerable to a denial of service condition resulting from poor globbing algorithms and poor per-user resource usage limits. Globbing generates pathnames from the file name patterns used by the shell, e.g. wildcards denoted by * and ?, multiple choices denoted by {}, etc. A vulnerable FTP server can be made to exhaust system resources if per-user resource usage controls have not been implemented.
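The following is an added example, not the logic of this signature: a heuristic that scores the argument of an FTP control-channel command for the pattern features described above (the * and ? wildcards and {} choice groups) and flags arguments whose expansion could be very large. The verb set, the thresholds and the sample lines are assumptions made for illustration.

```python
# Added example: heuristic scoring of FTP command arguments for glob abuse.
GLOB_VERBS = {"LIST", "NLST", "STAT"}  # assumed set of pathname-taking verbs to inspect
MAX_WILDCARDS = 8       # assumed limit on '*' and '?' per argument
MAX_BRACE_FANOUT = 64   # assumed limit on names a {a,b,...} pattern can expand to
MAX_BRACE_DEPTH = 3     # assumed limit on nested brace groups


def brace_stats(arg):
    """Return (upper bound on brace-expansion results, deepest nesting)."""
    stack = []            # one (outer product, alternatives counted so far) per open '{'
    prod, deepest = 1, 0
    for ch in arg:
        if ch == "{":
            stack.append((prod, 0))
            prod = 1
            deepest = max(deepest, len(stack))
        elif ch == "," and stack:
            outer, alts = stack[-1]
            stack[-1] = (outer, alts + prod)
            prod = 1
        elif ch == "}" and stack:
            outer, alts = stack.pop()
            prod = outer * (alts + prod)
    while stack:          # unterminated groups: fold in what was seen
        outer, alts = stack.pop()
        prod = outer * (alts + prod)
    return prod, deepest


def inspect_ftp_command(line):
    """Return the reasons a control-channel line looks like glob abuse ([] if none)."""
    verb, _, arg = line.strip().partition(" ")
    if verb.upper() not in GLOB_VERBS:
        return []
    reasons = []
    wildcards = arg.count("*") + arg.count("?")
    fanout, depth = brace_stats(arg)
    if wildcards > MAX_WILDCARDS:
        reasons.append(f"wildcards={wildcards}")
    if fanout > MAX_BRACE_FANOUT:
        reasons.append(f"brace_fanout={fanout}")
    if depth > MAX_BRACE_DEPTH:
        reasons.append(f"brace_depth={depth}")
    return reasons


# Constructed sample lines, not captured traffic.
SAMPLES = ["LIST *.txt", "RETR report.pdf", "NLST " + "{a,b,c,d}" * 4, "LIST " + "?" * 20]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s[:40]!r:45} -> {inspect_ftp_command(s) or 'ok'}")
```

The same counts can back a server-side limit: reject or truncate a pattern before expansion when its bound exceeds what a single user session should be allowed to consume.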
Affected Products
Freebsd freebsd
References
BugTraq: 2496
CVE: CVE-2001-0136
URL: http://bugs.proftpd.org/show_bug.cgi?id=1066
URL: http://www.mandriva.com/security/advisories?name=MDKSA-2002:005
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Proftpd_project
Openbsd
Apple
Sun
Hp
Washington_university
Beroftpd
Pureftpd
Freebsd
Mandriva
Suse
Trolltech
Debian
Ibm
5.0