[ advisories | exploits | discussions | news | conventions | security tools | texts & papers ]
 main menu
- feedback
- advertising
- privacy
- FightAIDS
- newsletter
- news
 
 discussions
- read forum
- new topic
- search
 

 meetings
- meetings list
- recent additions
- add your info
 
 top 100 sites
- visit top sites
- sign up now
- members
 
 webmasters

- add your url
- add domain
- search box
- link to us

 
 projects
- our projects
- free email
 
 m4d network
- security software
- secureroot
- m4d.com
Home : Advisories : Memory leak in ProFTPD daemon

Title: Memory leak in ProFTPD daemon
Released by: Piotr Zurawski [fb]
Date:
Printable version: Click here
  This is sample code to demonstrate effects of memory leak in

ProFTPD daemon. As far as I know all available versions up to date

(19.12.2000) are vulnerable to this.



  This bug is not dangerous, if you run one instance of included code.

But wonder, what will happen, if someone will run about 20 sessions...

Wojciech Purczynski reported, that memory leak exists also, when other

FTP commands are invoked (eg. STAT).

  Of course daemon will consume only as much, as it's defined in limits

of the user, daemon runs as. If you use setrlimit()in source, pam, or

ulimit before you start the daemon, this probably won't hurt so much.







--

Piotr Zurawski [fb]

szur@ix.renet.pl










(C) 1999-2000 All rights reserved.