| VID |
16141 |
| Severity |
40 |
| Port |
21, ... |
| Protocol |
TCP |
| Class |
FTP |
| Detailed Description |
According to its banner, the version of ProFTPD installed on the remote host is earlier than 1.3.3c. Such versions are reportedly affected by the following vulnerabilities :
- When ProFTPD is compiled with 'mod_site_misc' and a directory is writable, a user can use 'mod_site_misc' to create or delete a directory outside the writable directory, create a symlink located outside the writable directory, or change the time of a file located outside the writable directory. (Bug #3519)
- A stack-based buffer overflow exists in the server's 'pr_netio_telnet_gets()' function, which can be triggered by when reading user input containing a TELNET_IAC escape sequence. (Bug #3521)
* Note: This check solely relied on the banner of the remote FTP server to assess this vulnerability, so this might be a false positive.
* References:
http://www.zerodayinitiative.com/advisories/ZDI-10-229/
http://bugs.proftpd.org/show_bug.cgi?id=3519
http://bugs.proftpd.org/show_bug.cgi?id=3521
http://www.proftpd.org/docs/RELEASE_NOTES-1.3.3c
* Platforms Affected:
ProFTPD Project, ProFTPD versions prior to 1.3.3c
Linux Any version
Unix Any version |
| Recommendation |
Upgrade to the latest version of ProFTPD (1.3.3c or later), available from the ProFTPD Web site at http://www.proftpd.org/ |
| Related URL |
CVE-2010-3867 (CVE) |
| Related URL |
44562 (SecurityFocus) |
| Related URL |
(ISS) |
|
