Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
Name MDVSA-2010:227 First vendor Publication 2010-11-11
Vendor Mandriva Last vendor Modification 2010-11-11
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple vulnerabilities were discovered and corrected in proftpd:

Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command (CVE-2010-3867).

Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a (1) FTP or (2) FTPS server (CVE-2010-4221).

Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct these issues.

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2010:227

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
50 % CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25)

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 32

SAINT Exploits

Description Link
ProFTPD Telnet IAC buffer overflow More info here

OpenVAS Exploits

Date Description
2011-11-21 Name : Fedora Update for proftpd FEDORA-2011-15741
File : nvt/gb_fedora_2011_15741_proftpd_fc14.nasl
2011-05-12 Name : Debian Security Advisory DSA 2191-1 (proftpd-dfsg)
File : nvt/deb_2191_1.nasl
2011-04-21 Name : Fedora Update for proftpd FEDORA-2011-5033
File : nvt/gb_fedora_2011_5033_proftpd_fc13.nasl
2011-04-21 Name : Fedora Update for proftpd FEDORA-2011-5040
File : nvt/gb_fedora_2011_5040_proftpd_fc14.nasl
2011-01-31 Name : Fedora Update for proftpd FEDORA-2011-0610
File : nvt/gb_fedora_2011_0610_proftpd_fc14.nasl
2011-01-31 Name : Fedora Update for proftpd FEDORA-2011-0613
File : nvt/gb_fedora_2011_0613_proftpd_fc13.nasl
2011-01-24 Name : FreeBSD Ports: proftpd
File : nvt/freebsd_proftpd7.nasl
2010-12-02 Name : Fedora Update for proftpd FEDORA-2010-17091
File : nvt/gb_fedora_2010_17091_proftpd_fc14.nasl
2010-11-30 Name : ProFTPD Multiple Remote Vulnerabilities
File : nvt/gb_proftpd_mult_vuln.nasl
2010-11-16 Name : Fedora Update for proftpd FEDORA-2010-17098
File : nvt/gb_fedora_2010_17098_proftpd_fc13.nasl
2010-11-16 Name : Fedora Update for proftpd FEDORA-2010-17220
File : nvt/gb_fedora_2010_17220_proftpd_fc12.nasl
2010-11-16 Name : Mandriva Update for proftpd MDVSA-2010:227 (proftpd)
File : nvt/gb_mandriva_MDVSA_2010_227.nasl
0000-00-00 Name : Slackware Advisory SSA:2010-305-03 proftpd
File : nvt/esoft_slk_ssa_2010_305_03.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
68988 ProFTPD mod_site_misc Module Multiple Command Traversal Arbitrary File Manipu...

ProFTPD contains a flaw that allows a remote, authenticated attacker to traverse outside of a restricted path. The issue is due to the 'mod_site_misc' module not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the 'SITE MKDIR', 'SITE RMDIR', 'SITE SYMLINK' or 'SITE UTIME' commands. This directory traversal attack would allow the attacker to create and delete directories, create symlinks and modify timestamps.
68985 ProFTPD netio.c pr_netio_telnet_gets Function TELNET_IAC Escape Sequence Remo...

ProFTPD is prone to an overflow condition. The TELNET_IAC Escape Sequence handling fails to properly sanitize user-supplied input resulting in a stack overflow. With a specially crafted request, a remote attacker can potentially cause the executition of arbitrary code.

Snort® IPS/IDS

Date Description
2014-01-10 ProFTPD mod_site_misc module directory traversal attempt
RuleID : 18326 - Revision : 7 - Type : PROTOCOL-FTP

Nessus® Vulnerability Scanner

Date Description
2013-10-15 Name : The remote ProFTP daemon is affected by a buffer overflow vulnerability.
File : proftpd_rce.nasl - Type : ACT_DESTRUCTIVE_ATTACK
2013-09-25 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201309-15.nasl - Type : ACT_GATHER_INFO
2011-03-15 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2191.nasl - Type : ACT_GATHER_INFO
2010-11-24 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_533d20e7f71f11df9ae1000bcdf0a03b.nasl - Type : ACT_GATHER_INFO
2010-11-12 Name : The remote Fedora host is missing a security update.
File : fedora_2010-17220.nasl - Type : ACT_GATHER_INFO
2010-11-12 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-227.nasl - Type : ACT_GATHER_INFO
2010-11-11 Name : The remote Fedora host is missing a security update.
File : fedora_2010-17091.nasl - Type : ACT_GATHER_INFO
2010-11-11 Name : The remote Fedora host is missing a security update.
File : fedora_2010-17098.nasl - Type : ACT_GATHER_INFO
2010-11-10 Name : The remote FTP server is affected by multiple vulnerabilities.
File : proftpd_1_3_3c.nasl - Type : ACT_GATHER_INFO
2010-11-02 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2010-305-03.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:41:53
  • Multiple Updates