Executive Summary
Summary | |
---|---|
Title | proftpd security update |
Informations | |||
---|---|---|---|
Name | DSA-2191 | First vendor Publication | 2011-03-14 |
Vendor | Debian | Last vendor Modification | 2011-03-14 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact Sub Score | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:H/Au:S/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.1 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | High |
Cvss Exploit Score | 3.9 | Authentication | Requires single instance |
Detail
Several vulnerabilities have been discovered in ProFTPD, a versatile, virtual-hosting FTP daemon:

CVE-2008-7265: Incorrect handling of the ABOR command could lead to denial of service through elevated CPU consumption.

CVE-2010-3867: Several directory traversal vulnerabilities have been discovered in the mod_site_misc module.

CVE-2010-4562: A SQL injection vulnerability was discovered in the mod_sql module.

For the oldstable distribution (lenny), this problem has been fixed in version 1.3.1-17lenny6. The stable distribution (squeeze) and the unstable distribution (sid) are not affected; these vulnerabilities have been fixed prior to the release of Debian 6.0 (squeeze). We recommend that you upgrade your proftpd-dfsg packages.
Original Source
Url : http://www.debian.org/security/2011/dsa-2191
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
25 % | CWE-399 | Resource Management Errors |
25 % | CWE-200 | Information Exposure |
25 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
25 % | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12739 | | | |
---|---|---|---|
Oval ID: | oval:org.mitre.oval:def:12739 | | |
Title: | DSA-2191-1 proftpd-dfsg -- several | | |
Description: | Several vulnerabilities have been discovered in ProFTPD, a versatile, virtual-hosting FTP daemon: CVE-2008-7265 Incorrect handling of the ABOR command could lead to denial of service through elevated CPU consumption. CVE-2010-3867 Several directory traversal vulnerabilities have been discovered in the mod_site_misc module. CVE-2010-4652 A SQL injection vulnerability was discovered in the mod_sql module. | | |
Family: | unix | Class: | patch |
Reference(s): | DSA-2191-1 CVE-2008-7265 CVE-2010-3867 CVE-2010-4652 CVE-2010-4562 | Version: | 7 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | proftpd-dfsg |
Definition Synopsis: | | | |
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Name | File |
---|---|---|
2011-11-21 | Fedora Update for proftpd FEDORA-2011-15741 | nvt/gb_fedora_2011_15741_proftpd_fc14.nasl |
2011-05-12 | Debian Security Advisory DSA 2191-1 (proftpd-dfsg) | nvt/deb_2191_1.nasl |
2011-04-21 | Fedora Update for proftpd FEDORA-2011-5033 | nvt/gb_fedora_2011_5033_proftpd_fc13.nasl |
2011-04-21 | Fedora Update for proftpd FEDORA-2011-5040 | nvt/gb_fedora_2011_5040_proftpd_fc14.nasl |
2011-02-11 | Mandriva Update for proftpd MDVSA-2011:023 (proftpd) | nvt/gb_mandriva_MDVSA_2011_023.nasl |
2011-01-31 | Fedora Update for proftpd FEDORA-2011-0610 | nvt/gb_fedora_2011_0610_proftpd_fc14.nasl |
2011-01-31 | Fedora Update for proftpd FEDORA-2011-0613 | nvt/gb_fedora_2011_0613_proftpd_fc13.nasl |
2010-12-02 | Fedora Update for proftpd FEDORA-2010-17091 | nvt/gb_fedora_2010_17091_proftpd_fc14.nasl |
2010-11-30 | ProFTPD Denial of Service Vulnerability | nvt/gb_proftpd_dos_vuln.nasl |
2010-11-30 | ProFTPD Multiple Remote Vulnerabilities | nvt/gb_proftpd_mult_vuln.nasl |
2010-11-16 | Fedora Update for proftpd FEDORA-2010-17098 | nvt/gb_fedora_2010_17098_proftpd_fc13.nasl |
2010-11-16 | Fedora Update for proftpd FEDORA-2010-17220 | nvt/gb_fedora_2010_17220_proftpd_fc12.nasl |
2010-11-16 | Mandriva Update for proftpd MDVSA-2010:227 (proftpd) | nvt/gb_mandriva_MDVSA_2010_227.nasl |
0000-00-00 | Slackware Advisory SSA:2010-305-03 proftpd | nvt/esoft_slk_ssa_2010_305_03.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
70782 | ProFTPD contrib/mod_sql.c sql_prepare_where Function Crafted Username Handlin... ProFTPD is prone to an overflow condition. The 'sql_prepare_where' function, contrib/mod_sql.c, fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted username containing substitution tags, a remote attacker can potentially execute arbitrary code. |
69200 | ProFTPD pr_data_xfer Function ABOR Command Remote DoS |
68988 | ProFTPD mod_site_misc Module Multiple Command Traversal Arbitrary File Manipu... ProFTPD contains a flaw that allows a remote, authenticated attacker to traverse outside of a restricted path. The issue is due to the 'mod_site_misc' module not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the 'SITE MKDIR', 'SITE RMDIR', 'SITE SYMLINK' or 'SITE UTIME' commands. This directory traversal attack would allow the attacker to create and delete directories, create symlinks and modify timestamps. |
Snort® IPS/IDS
Date | Description | RuleID | Revision | Type |
---|---|---|---|---|
2014-01-10 | ProFTPD mod_site_misc module directory traversal attempt | 18326 | 7 | PROTOCOL-FTP |
Nessus® Vulnerability Scanner
Date | Name | File | Type |
---|---|---|---|
2013-09-25 | The remote Gentoo host is missing one or more security-related patches. | gentoo_GLSA-201309-15.nasl | ACT_GATHER_INFO |
2011-03-15 | The remote Debian host is missing a security-related update. | debian_DSA-2191.nasl | ACT_GATHER_INFO |
2011-02-09 | The remote Mandriva Linux host is missing one or more security updates. | mandriva_MDVSA-2011-023.nasl | ACT_GATHER_INFO |
2011-01-31 | The remote Fedora host is missing a security update. | fedora_2011-0610.nasl | ACT_GATHER_INFO |
2011-01-31 | The remote Fedora host is missing a security update. | fedora_2011-0613.nasl | ACT_GATHER_INFO |
2010-12-23 | The remote FTP server is affected by a heap-based buffer overflow vulnerability. | proftpd_1_3_3d.nasl | ACT_GATHER_INFO |
2010-11-12 | The remote Fedora host is missing a security update. | fedora_2010-17220.nasl | ACT_GATHER_INFO |
2010-11-12 | The remote Mandriva Linux host is missing one or more security updates. | mandriva_MDVSA-2010-227.nasl | ACT_GATHER_INFO |
2010-11-11 | The remote Fedora host is missing a security update. | fedora_2010-17091.nasl | ACT_GATHER_INFO |
2010-11-11 | The remote Fedora host is missing a security update. | fedora_2010-17098.nasl | ACT_GATHER_INFO |
2010-11-10 | The remote FTP server is affected by multiple vulnerabilities. | proftpd_1_3_3c.nasl | ACT_GATHER_INFO |
2010-11-02 | The remote Slackware host is missing a security update. | Slackware_SSA_2010-305-03.nasl | ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:29:58 | |
2013-05-11 00:43:59 | |