netbsd-bugs: Possible bug with ls or ftpd ?

Subject: Possible bug with ls or ftpd ?
To: None <netbsd-bugs@netbsd.org>
From: Frank DENIS \(Jedi/Sector One\) <j@4u.net>
List: netbsd-bugs
Date: 03/15/2001 09:49:55

  Hello, and sorry if this isn't the right list to post this.
  
  I'm not a NetBSD user, however, I just noticed something strange on the
ftp.netbsd.org FTP server :

ftp ftp.netbsd.org
230 Guest login ok, access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>  ls */../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*
229 Entering Extended Passive Mode (|||62254|)
200 EPRT command successful.

  Then, the connection freezes for a while and the client aborts with :
  
421 Service not available, remote server timed out. Connection closed
  
  I guess the command takes a lot of CPU time, and a possible DOS can follow.
  
  Please apologize if this is a known bug, but I have no NetBSD system to
check if this is a real issue or if I'm mistaken.
  
  Best regards,
  
-- 
  -=- Frank DENIS aka Jedi/Sector One < spam@jedi.claranet.fr > -=-
		LINAGORA SA (Paris, France) : http://www.linagora.com