7.1 - DSA-2191

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	proftpd security update

Informations
Name	DSA-2191	First vendor Publication	2011-03-14
Vendor	Debian	Last vendor Modification	2011-03-14
Severity (Vendor)	N/A	Revision	1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:S/C:C/I:C/A:C)
Cvss Base Score	7.1	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	High
Cvss Expoit Score	3.9	Authentication	Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Several vulnerabilities have been discovered in ProFTPD, a versatile, virtual-hosting FTP daemon:

CVE-2008-7265

Incorrect handling of the ABOR command could lead to denial of service through elevated CPU consumption.

CVE-2010-3867

Several directory traversal vulnerabilities have been discovered in the mod_site_misc module.

CVE-2010-4562

A SQL injection vulnerability was discovered in the mod_sql module.

For the oldstable distribution (lenny), this problem has been fixed in version 1.3.1-17lenny6.

The stable distribution (squeeze) and the unstable distribution (sid) are not affected, these vulnerabilities have been fixed prior to the release of Debian 6.0 (squeeze).

We recommend that you upgrade your proftpd-dfsg packages.

Original Source

Url : http://www.debian.org/security/2011/dsa-2191

CWE : Common Weakness Enumeration

%	Id	Name
25 %	CWE-399	Resource Management Errors
25 %	CWE-200	Information Exposure
25 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
25 %	CWE-22	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:12739

Oval ID:	oval:org.mitre.oval:def:12739
Title:	DSA-2191-1 proftpd-dfsg -- several
Description:	Several vulnerabilities have been discovered in ProFTPD, a versatile, virtual-hosting FTP daemon: CVE-2008-7265 Incorrect handling of the ABOR command could lead to denial of service through elevated CPU consumption. CVE-2010-3867 Several directory traversal vulnerabilities have been discovered in the mod_site_misc module. CVE-2010-4652 A SQL injection vulnerability was discovered in the mod_sql module.
Family:	unix	Class:	patch
Reference(s):	DSA-2191-1 CVE-2008-7265 CVE-2010-3867 CVE-2010-4652 CVE-2010-4562	Version:	7
Platform(s):	Debian GNU/Linux 5.0	Product(s):	proftpd-dfsg
Definition Synopsis:
Debian GNU/Linux 5.0 is installed AND Installed architecture is all AND proftpd-dfsg DPKG is earlier than 1.3.1-17lenny6

CPE : Common Platform Enumeration

Type	Description	Count
Application	Proftpd cpe:2.3:a:proftpd:proftpd:1.3.3:d:::::: cpe:2.3:a:proftpd:proftpd:1.3.3:rc1:::::: cpe:2.3:a:proftpd:proftpd:1.3.3:::::::* cpe:2.3:a:proftpd:proftpd:1.3.3:a:::::: cpe:2.3:a:proftpd:proftpd:1.3.3:rc3:::::: cpe:2.3:a:proftpd:proftpd:1.3.3:rc4:::::: cpe:2.3:a:proftpd:proftpd:1.3.3:rc2:::::: cpe:2.3:a:proftpd:proftpd:1.3.3:b:::::: cpe:2.3:a:proftpd:proftpd:1.3.3:c:::::: cpe:2.3:a:proftpd:proftpd:1.3.3:e:::::: cpe:2.3:a:proftpd:proftpd:1.3.2:rc1:::::: cpe:2.3:a:proftpd:proftpd:1.3.2:e:::::: cpe:2.3:a:proftpd:proftpd:1.3.2:d:::::: cpe:2.3:a:proftpd:proftpd:1.3.2:rc3:::::: cpe:2.3:a:proftpd:proftpd:1.3.2:b:::::: cpe:2.3:a:proftpd:proftpd:1.3.2:a:::::: cpe:2.3:a:proftpd:proftpd:1.3.2:c:::::: cpe:2.3:a:proftpd:proftpd:1.3.2:::::::* cpe:2.3:a:proftpd:proftpd:1.3.2:rc4:::::: cpe:2.3:a:proftpd:proftpd:1.3.2:rc2:::::: cpe:2.3:a:proftpd:proftpd:1.3.1:::::::* cpe:2.3:a:proftpd:proftpd:1.3.1:rc3:::::: cpe:2.3:a:proftpd:proftpd:1.3.1:rc1:::::: cpe:2.3:a:proftpd:proftpd:1.3.1:rc2:::::: cpe:2.3:a:proftpd:proftpd:1.3.0:rc3:::::: cpe:2.3:a:proftpd:proftpd:1.3.0:rc2:::::: cpe:2.3:a:proftpd:proftpd:1.3.0:a:::::: cpe:2.3:a:proftpd:proftpd:1.3.0:rc4:::::: cpe:2.3:a:proftpd:proftpd:1.3.0:rc5:::::: cpe:2.3:a:proftpd:proftpd:1.3.0:rc1:::::: cpe:2.3:a:proftpd:proftpd:1.3.0:::::::* cpe:2.3:a:proftpd:proftpd:1.2.9:rc1:::::: cpe:2.3:a:proftpd:proftpd:1.2.9:::::::* cpe:2.3:a:proftpd:proftpd:1.2.9:rc3:::::: cpe:2.3:a:proftpd:proftpd:1.2.9:rc2:::::: cpe:2.3:a:proftpd:proftpd:1.2.8:::::::* cpe:2.3:a:proftpd:proftpd:1.2.8:rc2:::::: cpe:2.3:a:proftpd:proftpd:1.2.8:rc1:::::: cpe:2.3:a:proftpd:proftpd:1.2.7:rc2:::::: cpe:2.3:a:proftpd:proftpd:1.2.7:::::::* cpe:2.3:a:proftpd:proftpd:1.2.7:rc3:::::: cpe:2.3:a:proftpd:proftpd:1.2.7:rc1:::::: cpe:2.3:a:proftpd:proftpd:1.2.6:rc2:::::: cpe:2.3:a:proftpd:proftpd:1.2.6:rc1:::::: cpe:2.3:a:proftpd:proftpd:1.2.6:::::::* cpe:2.3:a:proftpd:proftpd:1.2.5:rc1:::::: cpe:2.3:a:proftpd:proftpd:1.2.5:rc2:::::: cpe:2.3:a:proftpd:proftpd:1.2.5:::::::* cpe:2.3:a:proftpd:proftpd:1.2.5:rc3:::::: cpe:2.3:a:proftpd:proftpd:1.2.4:::::::* cpe:2.3:a:proftpd:proftpd:1.2.3:::::::* cpe:2.3:a:proftpd:proftpd:1.2.2:rc2:::::: cpe:2.3:a:proftpd:proftpd:1.2.2:rc1:::::: cpe:2.3:a:proftpd:proftpd:1.2.2:rc3:::::: cpe:2.3:a:proftpd:proftpd:1.2.2:::::::* cpe:2.3:a:proftpd:proftpd:1.2.10:rc3:::::: cpe:2.3:a:proftpd:proftpd:1.2.10:rc1:::::: cpe:2.3:a:proftpd:proftpd:1.2.10:::::::* cpe:2.3:a:proftpd:proftpd:1.2.10:rc2:::::: cpe:2.3:a:proftpd:proftpd:1.2.1:::::::* cpe:2.3:a:proftpd:proftpd:1.2.0:rc2:::::: cpe:2.3:a:proftpd:proftpd:1.2.0:::::::* cpe:2.3:a:proftpd:proftpd:1.2.0:pre9:::::: cpe:2.3:a:proftpd:proftpd:1.2.0:pre10:::::: cpe:2.3:a:proftpd:proftpd:1.2.0:rc1:::::: cpe:2.3:a:proftpd:proftpd:1.2.0:rc3:::::: cpe:2.3:a:proftpd:proftpd::::::::	67
Os	Microsoft Windows 2000 cpe:2.3:o:microsoft:windows_2000::::::::	1
Os	Microsoft Windows 2003 Server cpe:2.3:o:microsoft:windows_2003_server::::::::	1
Os	Microsoft Windows 7 cpe:2.3:o:microsoft:windows_7::::::::	1
Os	Microsoft Windows Server 2008 cpe:2.3:o:microsoft:windows_server_2008:-:::::::*	1
Os	Microsoft Windows Vista cpe:2.3:o:microsoft:windows_vista::::::::	1
Os	Microsoft Windows Xp cpe:2.3:o:microsoft:windows_xp::::::::	1

OpenVAS Exploits

Date	Description
2011-11-21	Name : Fedora Update for proftpd FEDORA-2011-15741 File : nvt/gb_fedora_2011_15741_proftpd_fc14.nasl
2011-05-12	Name : Debian Security Advisory DSA 2191-1 (proftpd-dfsg) File : nvt/deb_2191_1.nasl
2011-04-21	Name : Fedora Update for proftpd FEDORA-2011-5033 File : nvt/gb_fedora_2011_5033_proftpd_fc13.nasl
2011-04-21	Name : Fedora Update for proftpd FEDORA-2011-5040 File : nvt/gb_fedora_2011_5040_proftpd_fc14.nasl
2011-02-11	Name : Mandriva Update for proftpd MDVSA-2011:023 (proftpd) File : nvt/gb_mandriva_MDVSA_2011_023.nasl
2011-01-31	Name : Fedora Update for proftpd FEDORA-2011-0610 File : nvt/gb_fedora_2011_0610_proftpd_fc14.nasl
2011-01-31	Name : Fedora Update for proftpd FEDORA-2011-0613 File : nvt/gb_fedora_2011_0613_proftpd_fc13.nasl
2010-12-02	Name : Fedora Update for proftpd FEDORA-2010-17091 File : nvt/gb_fedora_2010_17091_proftpd_fc14.nasl
2010-11-30	Name : ProFTPD Denial of Service Vulnerability File : nvt/gb_proftpd_dos_vuln.nasl
2010-11-30	Name : ProFTPD Multiple Remote Vulnerabilities File : nvt/gb_proftpd_mult_vuln.nasl
2010-11-16	Name : Fedora Update for proftpd FEDORA-2010-17098 File : nvt/gb_fedora_2010_17098_proftpd_fc13.nasl
2010-11-16	Name : Fedora Update for proftpd FEDORA-2010-17220 File : nvt/gb_fedora_2010_17220_proftpd_fc12.nasl
2010-11-16	Name : Mandriva Update for proftpd MDVSA-2010:227 (proftpd) File : nvt/gb_mandriva_MDVSA_2010_227.nasl
0000-00-00	Name : Slackware Advisory SSA:2010-305-03 proftpd File : nvt/esoft_slk_ssa_2010_305_03.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
70782	ProFTPD contrib/mod_sql.c sql_prepare_where Function Crafted Username Handlin... ProFTPD is prone to an overflow condition. The 'sql_prepare_where' function, contrib/mod_sql.c, fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted username containing substitution tags, a remote attacker can potentially execute arbitrary code.
69200	ProFTPD pr_data_xfer Function ABOR Command Remote DoS
68988	ProFTPD mod_site_misc Module Multiple Command Traversal Arbitrary File Manipu... ProFTPD contains a flaw that allows a remote, authenticated attacker to traverse outside of a restricted path. The issue is due to the 'mod_site_misc' module not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the 'SITE MKDIR', 'SITE RMDIR', 'SITE SYMLINK' or 'SITE UTIME' commands. This directory traversal attack would allow the attacker to create and delete directories, create symlinks and modify timestamps.

Snort® IPS/IDS

Date	Description
2014-01-10	ProFTPD mod_site_misc module directory traversal attempt RuleID : 18326 - Revision : 7 - Type : PROTOCOL-FTP

Nessus® Vulnerability Scanner

Date	Description
2013-09-25	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201309-15.nasl - Type : ACT_GATHER_INFO
2011-03-15	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2191.nasl - Type : ACT_GATHER_INFO
2011-02-09	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-023.nasl - Type : ACT_GATHER_INFO
2011-01-31	Name : The remote Fedora host is missing a security update. File : fedora_2011-0610.nasl - Type : ACT_GATHER_INFO
2011-01-31	Name : The remote Fedora host is missing a security update. File : fedora_2011-0613.nasl - Type : ACT_GATHER_INFO
2010-12-23	Name : The remote FTP server is affected by a heap-based buffer overflow vulnerability. File : proftpd_1_3_3d.nasl - Type : ACT_GATHER_INFO
2010-11-12	Name : The remote Fedora host is missing a security update. File : fedora_2010-17220.nasl - Type : ACT_GATHER_INFO
2010-11-12	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-227.nasl - Type : ACT_GATHER_INFO
2010-11-11	Name : The remote Fedora host is missing a security update. File : fedora_2010-17091.nasl - Type : ACT_GATHER_INFO
2010-11-11	Name : The remote Fedora host is missing a security update. File : fedora_2010-17098.nasl - Type : ACT_GATHER_INFO
2010-11-10	Name : The remote FTP server is affected by multiple vulnerabilities. File : proftpd_1_3_3c.nasl - Type : ACT_GATHER_INFO
2010-11-02	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2010-305-03.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 11:29:58	Multiple Updates
2013-05-11 00:43:59	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	4
Oval ID(s)	1
CPE ID(s)	73
osvdb(s)	3
Openvas Exploit(s)	14
Snort® Rule(s)	1
Nessus® Exploit(s)	12

	Related
7.1	CVE-2010-3867
6.8	CVE-2010-4652
4.3	CVE-2010-4562
4	CVE-2008-7265
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 4 more Alert(s)