VID 16014
Severity 30
Port 21
Protocol TCP
Class FTP
Detailed Description The FTP server allows the CHMOD command to be executed. Some File Transfer Protocol (FTP) servers can be misconfigured to allow users to execute the CHMOD command on files under the FTP directory tree. Such a misconfiguration could allow an attacker to modify files or replace them with trojan horse programs.
If a sensitive directory is owned by ftp, an anonymous FTP user can use SITE CHMOD to change that directory from unwritable to writable. Once this has happened, the user can add certain files to the sensitive directory that give him shell access to the ftp account, and from there further compromise the system.

* References:
http://www.iss.net/security_center/static/1843.php
http://catless.ncl.ac.uk/Risks/16.84.html#subj1
Recommendation Configure your FTP server not to allow users to execute the CHMOD command, and make sure the home directory is owned by root and that no files or directories are owned by ftp.

* If using wu-ftpd, it is a good idea for the administrator to set up dedicated directories where files may be placed via anonymous FTP, and to not allow users to create any new directories. The permissions and owners of uploaded files can be set in the /etc/ftpaccess file. Since /etc/ftpaccess controls the permissions and owners of these files, it is advised to set the owner and read permissions so that only an administrator, or the person whose job it is to retrieve these files, can see and read them via FTP.
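The wu-ftpd settings this recommendation describes, written out as an added /etc/ftpaccess fragment that is not from the original entry; the FTP root /home/ftp, the drop directory /incoming and the class name "all" are assumed:

```text
# /etc/ftpaccess (wu-ftpd) -- added example, not from the original entry.
# Assumed layout: anonymous FTP root /home/ftp, drop directory /home/ftp/incoming.

# One class covering every login type, from any address.
class   all   real,guest,anonymous   *

# Weak setting described in the entry: anonymous users may run SITE CHMOD,
# so an ftp-owned directory can be flipped from unwritable to writable.
#chmod   yes   anonymous,guest

# Corrected setting: refuse SITE CHMOD, and the related SITE commands,
# for anonymous and guest users.
chmod      no   anonymous,guest
delete     no   anonymous,guest
overwrite  no   anonymous,guest
rename     no   anonymous,guest
umask      no   anonymous,guest

# Uploads are refused everywhere under the FTP root ...
upload   /home/ftp   *           no
# ... except the dedicated drop directory. Uploaded files become owned by
# root, group ftp, mode 0600, so they cannot be read back or overwritten
# via FTP; "nodirs" stops users creating subdirectories there.
upload   /home/ftp   /incoming   yes   root   ftp   0600   nodirs
```

These rules complement, rather than replace, the ownership advice above: /home/ftp itself and everything outside the drop directory should still be owned by root, not ftp.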