Note: This is an archival copy of Security Sun Alert 200166 as previously published on http://sunsolve.sun.com.
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000121.1.
Solaris 9 Operating System
Solaris 2.6 Operating System
Solaris 7 Operating System
Solaris 8 Operating System
Date of Workaround Release
Date of Resolved Release
A local or remote unprivileged user may be able to disrupt FTP services on Solaris systems which act as FTP servers using the Sun supplied version of in.ftpd(1M).
This issue can occur in the following releases:
Note: Solaris 2.5.1 will not be evaluated for potential impact for the described issue contained in this Sun Alert document.
Every command issued by the FTP client causing the denial of service will hang for a period (default 60 seconds), and the vulnerable FTP server to which that session is connected will cease to respond to commands from other active-mode FTP clients for a duration corresponding to that hang. During that time, all such commands from other active-mode FTP clients will hang and may time out.
Use passive FTP mode during denial of service conditions. Note that most FTP clients default to active mode. To enable passive mode, the ftp(1) command 'passive' needs to be entered before opening an ftp connection or the '-p' option can be supplied. For example:
    $ ftp
    ftp> passive
    Passive mode on.
    ftp> open remotehost

or

    $ ftp -p remotehost
Sites using Solaris 9 can configure their FTP servers to only allow access from specified hosts by editing the ftpaccess(4) file. Sites using Solaris 2.6, 7 and 8 can limit access to the in.ftpd(1M) daemon using the freeware tcp-wrappers package, which is available from:
Note: The 'passive' mode in ftp(1) is only available on Solaris 9.
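The two host-based access restrictions described above, shown as an added configuration example that is not part of the original Sun Alert. The tcpd install path, the message file and the address ranges (RFC 5737 documentation networks) are assumptions; substitute the trusted networks for the site.

```text
# Solaris 2.6/7/8: wrap in.ftpd with tcpd from tcp-wrappers in /etc/inet/inetd.conf
# (tcpd path /usr/local/sbin/tcpd is an assumption; send inetd a SIGHUP after editing)
ftp  stream  tcp  nowait  root  /usr/local/sbin/tcpd  in.ftpd

# /etc/hosts.deny: default-deny, so only hosts listed in hosts.allow may connect
in.ftpd: ALL

# /etc/hosts.allow: constructed trusted subnet plus one management host
in.ftpd: 192.0.2.0/255.255.255.0, 198.51.100.7

# Solaris 9: equivalent restriction in /etc/ftpd/ftpaccess (no tcpd needed).
# A connection from an address that matches no 'class' line is refused at login;
# 'deny' refuses a matching address outright and shows the given message file.
class  local   real,guest,anonymous  192.0.2.*
deny   203.0.113.*                   /etc/ftpd/msgs/msg.dead
```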
This issue is addressed in the following releases: