/ Bug 3587 – mod_sftp Integer Overflow DoS
Bug 3587 - mod_sftp Integer Overflow DoS
: mod_sftp Integer Overflow DoS
Status: RESOLVED DUPLICATE of bug 3586
Product: ProFTPD
mod_sftp
: CVS
: PC Linux
: P2 major
Assigned To: TJ Saunders
:
:
:
:
  Show dependency treegraph
 
Reported: 2011-02-07 12:08 UTC by mail
Modified: 2011-02-12 13:04 UTC (History)
0 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description mail 2011-02-07 12:08:11 UTC
The following DoS just showed up today:
http://www.exploit-db.com/exploits/16129/

Is this related to bug #3586?
Comment 1 TJ Saunders 2011-02-12 13:04:55 UTC
It appears that this is indeed the same issue as Bug#3586.  When I run the Perl
script in the link, in the SFTPLog/TraceLog I see:

Feb 12 10:01:45 [56007] <ssh2:20>: SSH2 packet len = 2164260863 bytes
Feb 12 10:01:45 [56007] <ssh2:20>: SSH2 packet padding len = 65 bytes
Feb 12 10:01:45 [56007] <ssh2:20>: SSH2 packet payload len = 2164260797 bytes
Feb 12 10:01:45 [56007] <ssh2:20>: payload len (2164260797 bytes) exceeds max
payload len (262144), ignoring payload
Feb 12 10:01:45 mod_sftp/0.9.7[56007]: client sent buggy/malicious packet
payload length, ignoring

which is exactly the same symptoms as in Bug#3586.  Thus I'm marking this as a
duplicate.  Thanks!

*** This bug has been marked as a duplicate of bug 3586 ***