this cross-protocol HTTPS/FTP attack is really interesting http://bugs.proftpd.org/show_bug.cgi?id=4143#c0 … we may face a can of x-prot worms here
@hanno more interesting would be SMTP/IMAP/POP3 or so because of popularity - played with some popular servers, found nothing
@tehjh you mention in the proftp bug report that you found dovecot being "brittle", have you written that down detailed anywhere?
@hanno no, but the gist: it killed conns after too many bad commands, and the limit was just low enough to not allow exploitation with IE
@hanno sending back the command name is rather uncommon, the data-connection thing is uncommon, and FTP servers are very error-tolerant
@hanno some servers kill the connection for sending data before protocol allows it, some for using invalid commands