[NEWS] The Netware FTP Server Contains a DoS vulnerability

From: support@securiteam.com
Date: 05/08/02

From: support@securiteam.com
To: list@securiteam.com
Date: Wed,  8 May 2002 18:18:42 +0200 (CEST)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -

  The Netware FTP Server Contains a DoS vulnerability


The Netware FTP server has a DOS vulnerability. An attacker could cause
the server CPU to spike at 100% CPU hogging the server and causing a DOS,
preventing legitimate users access to the server.


Vulnerable systems:
 * Novell Netware 6.0 SP 1

An attacker could cause the server to spike at 100% CPU, prohibiting
legitimate users to access the server. This is done by connecting to the
server using netcat or telnet and simply typing an enter. Due to the
impact of this issue, it is not recommended to have unprotected ftp
servers on public networks. Since there is no patch yet, we urge you to
shutdown the ftp server or filter incoming connections as soon as

Disable the ftp server or make sure only trusted people can connect to it
by filtering incoming connections.

Install patch from Novell as soon as it becomes available.

Vendor status:
Novell was contacted 20020408 but has not yet responded to the issue.


The information has been provided by
<mailto:patrik.karlsson@se.pwcglobal.com> Patrik Karlsson &
<mailto:jonas.landin@ixsecurity.com> Jonas Lšndin.


This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com


The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

Relevant Pages

  • RE: FTP and ISA setup
    ... Please follow the instruction described on the following KB to enable external clients to access your FTP server. ... Local port: Fixed port ... Change the EnablePortAttack value to 1. ...
  • Re: Is this a 3-Leg Perimeter scenario?
    ... Do you mean the FTP server is hosted on the ... This newsgroup only focuses on SBS technical issues. ... The detailed network diagram. ...
  • Re: Microsoft FTP Server problem on W2K?
    ... client (rather than another server, as in proxy transfer), the IP address ... port) currently in use on the control connection. ... >the remote FTP server was, at least at a TCP level, prepared to accept the ...
  • Re: How to develop FTP Server On PPC?
    ... FTP server due to licensing restrictions. ... the server portions (there's no FTP client to my knowledge on CE), ... © 2003 Microsoft Corporation. ...
  • Re: Security Problem...
    ... This has happened before on other installations of ... I checked the IIS web server and FTP server logs and the only IP address is ... As far as my Firewall logs, ...