6058840 2001-02-06 20:17 -0500 /87 rader/ John Morrissey <jwm@HORDE.NET>
Sänt av: joel@lysator.liu.se
Importerad: 2001-02-07 03:45 av Brevbäraren (som är implementerad i) Python
Extern mottagare: BUGTRAQ@SECURITYFOCUS.COM
Externa svar till: jwm@HORDE.NET
Mottagare: Bugtraq (import) <15273>
Ärende: Response to ProFTPD issues
------------------------------------------------------------
From: John Morrissey <jwm@HORDE.NET>
To: BUGTRAQ@SECURITYFOCUS.COM
Message-ID: <20010206201733.A2983@horde.net>
=======
Summary
=======
Three issues with the ProFTPD FTP server have been reported to
BUGTRAQ in the past month. These issues have been addressed by the
ProFTPD core team.
The following vulnerabilities are addressed in this advisory:
1. "SIZE memory leak"
http://www.securityfocus.com/archive/1/151991
Reported by Wojciech Purczynski <wp@ELZABSOFT.PL>
2. "USER memory leak"
http://www.securityfocus.com/archive/1/155349
Reported by Wojciech Purczynski <wp@ELZABSOFT.PL>
3. "Minor format string vulnerabilities"
http://www.securityfocus.com/archive/1/155428
Reported by Przemyslaw Frasunek <venglin@FREEBSD.LUBLIN.PL>
All three are thought to exist in all previous 1.2.0 test releases,
(1.2.0pre[1-10], 1.2.0rc[1-2]). All three now have been fixed, and
patches have been committed to the ProFTPD CVS repository. A new
release, 1.2.0rc3, containing these fixes has been made available as
of 5 February and is available from:
http://www.proftpd.org/download.html
ftp://ftp.proftpd.org/distrib/proftpd-1.2.0rc3.tar.gz
Instructions for accessing the CVS repository via Anonymous CVS are
available at:
http://www.proftpd.org/docs/cvs.html
=====================
1. "SIZE memory leak"
=====================
ProFTPD may leak memory when commands are executed. However, this
leak will take place *only* if ProFTPD's scoreboard file is not
writable. If ProFTPD is installed properly and is allowed to write to
the scoreboard file, no leak will take place. The scoreboard file is
created in /usr/local/var/proftpd/ in a standard installation from
source. If you did not install ProFTPD from sources, please contact
your vendor for the intended location of your scoreboard file.
More information, including patches, can be found at
http://bugs.proftpd.net/show_bug.cgi?id=408
=====================
2. "USER memory leak"
=====================
A memory leak in the USER command was found. Issuing additional USER
commands causes the ProFTPD server to consume additional memory.
More information, including patches, can be found at
http://bugs.proftpd.net/show_bug.cgi?id=408
========================================
3. "Minor format string vulnerabilities"
========================================
Two minor format string vulnerabilities were found in ProFTPD. Due to
the nature of the data processed by the affected sections of code,
these vulnerabilities are very difficult, if not impossible, to
exploit.
A full audit was done on the callers of any functions that accept
printf-like format arguments. One minor, unexploitable issue was
found in a third-party module (mod_ratio) and has been fixed. No
other format string vulnerabilites were found.
More information, including patches, can be found at
http://bugs.proftpd.net/show_bug.cgi?id=430
--
John Morrissey _o /\ ---- __o
jwm@horde.net _-< \_ / \ ---- < \,
www.horde.net/ __(_)/_(_)________/ \_______(_) /_(_)__
(6058840) --------------------------------(Ombruten)