|
 |
|
ProFTPD ASCII Mode File Transfer Buffer Overflow Vulnerability
|
|
|
|
|
Secunia Advisory:
|
SA9829
|
|
|
Release Date:
|
2003-09-24
|
|
Last Update:
|
2003-10-30
|
|
|
Critical:
|
Highly critical
|
|
Impact:
|
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | ProFTPD 1.2.x
|
| | CVE reference: | CVE-2003-0831 (Secunia mirror)
|
|
|
Want to know the next time vulnerabilities are fixed in this product?
- Companies can be alerted via email and SMS! |
|
|
Description:
A vulnerability has been identified in ProFTPD, which can be exploited by malicious users to compromise a vulnerable system.
The vulnerability is caused due to a boundary error in the ASCII file transfer component when translating newline characters. This can be exploited to cause a buffer overflow by uploading and then downloading a specially crafted file.
Successful exploitation allows execution of arbitrary code with the privileges of the FTP server but requires that the person is logged in and has write access to a directory.
The vulnerability has been reported in the following versions:
* ProFTPD 1.2.7
* ProFTPD 1.2.8
* ProFTPD 1.2.8rc1
* ProFTPD 1.2.8rc2
* ProFTPD 1.2.9rc1
* ProFTPD 1.2.9rc2
Solution:
The ProFTPD Project Team reports that all source distributions have been replaced with patched versions. These can be downloaded at:
ftp://ftp.proftpd.org/
Exploitation can be mitigated by denying write access for all but trusted users. Futhermore, the setting "RootRevoke" can be used, though this may impact functionality.
Provided and/or discovered by:
Mark Dowd, ISS X-Force.
Changelog:
2003-10-30: Added link to CERT vulnerability note.
Original Advisory:
Xforce:
http://xforce.iss.net/xforce/alerts/id/154
ProFTPD:
http://www.proftpd.org/
Other References:
CERT VU#405348:
http://www.kb.cert.org/vuls/id/405348
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
8 Related Secunia Security Advisories
|
|
|
1. ProFTPD Auth API Multiple Authentication Modules Security Issue
|
|
2. ProFTPD "mod_ctrls" Privilege Escalation Vulnerability
|
|
3. ProFTPD mod_tls Buffer Overflow Vulnerability
|
|
4. ProFTPD Two Format String Vulnerabilities
|
|
5. ProFTPD User Enumeration Weakness
|
|
6. ProFTPD CIDR Addressing ACL and "site chgrp" Security Issues
|
|
7. ProFTPD ASCII File Translation Off-By-One Vulnerability
|
|
8. ProFTPD mod_sql SQL Injection
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
|
|
Secunia PSI
Scan | Patch | Track
Free Download
|
|
|
Secunia Poll
|
|
|
|
|
 |
|
|
Most Popular Advisories
|
|
|
|
|
|
