Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Web :: General :: bt205.txt

bsdbsdftpd-6.0-ssl-0.6.1-1 attack allows remote users identification

Product bsbsdftpd-6.0-ssl-0.6.1-1

During a pen-test we have notice how is easy to identify valid users on
vulnerable systems, through a simple timing attack.

When I try to connect to ftp without ssl using a unreal user with bad 
password I get
immediatly response of incorrect login, when I use real user with bad
password I get 2 second of wait before get message of incorrect login.

It seems to be very nice to the recent CAN-2003-0190 about OpenSSH/PAM
timing attack allows remote users identification

I have tested this on Linux RH 7.3 and RH 8.0

I belive the vulnerability is easy to exploit and may have high
severity, if combined with poor password policies and other security
problems that allow local privilege escalation.

Alessandro Fiorenzi aka netexpress



Consulente Tribunale Firenze - sicurezza informatica -
System Administrator
Socio CLUSIT <file:///home/fiore/signature/>, ALSI 

Tel : +
CE : +39.335.64.144.77
@Email :
PGP Key:

            *"Faber est suae quisque fortunae" *


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH