/
Bugzilla – Bug 3587
mod_sftp Integer Overflow DoS
Last modified: 2011-02-12 13:04:55 UTC
The following DoS just showed up today: http://www.exploit-db.com/exploits/16129/ Is this related to bug #3586?
It appears that this is indeed the same issue as Bug#3586. When I run the Perl script in the link, in the SFTPLog/TraceLog I see: Feb 12 10:01:45 [56007] <ssh2:20>: SSH2 packet len = 2164260863 bytes Feb 12 10:01:45 [56007] <ssh2:20>: SSH2 packet padding len = 65 bytes Feb 12 10:01:45 [56007] <ssh2:20>: SSH2 packet payload len = 2164260797 bytes Feb 12 10:01:45 [56007] <ssh2:20>: payload len (2164260797 bytes) exceeds max payload len (262144), ignoring payload Feb 12 10:01:45 mod_sftp/0.9.7[56007]: client sent buggy/malicious packet payload length, ignoring which is exactly the same symptoms as in Bug#3586. Thus I'm marking this as a duplicate. Thanks! *** This bug has been marked as a duplicate of bug 3586 ***