linux, säkerhet

10733266 2003-09-23 10:25 -0600 /85 rader/ Dave Ahmad <da@securityfocus.com>
Importerad: 2003-09-23 21:08 av Brevbäraren
Extern mottagare: bugtraq@securityfocus.com
Mottagare: Bugtraq (import) <29151>
Ärende: ISS Security Brief: ProFTPD ASCII File Remote Compromise Vulnerability (fwd)
------------------------------------------------------------
From: Dave Ahmad <da@securityfocus.com>
To: bugtraq@securityfocus.com
Message-ID: <Pine.LNX.4.58.0309231025140.8737@mail.securityfocus.com>


-----BEGIN PGP SIGNED MESSAGE-----

Internet Security Systems Security Brief
September 23, 2003

ProFTPD ASCII File Remote Compromise Vulnerability

Synopsis:

ISS X-Force has discovered a flaw in the ProFTPD Unix FTP
server. ProFTPD is a highly configurable FTP (File Transfer Protocol)
server for Unix that allows for per-directory access restrictions,
easy configuration of virtual FTP servers, and support for multiple
authentication mechanisms.  A flaw exists in the ProFTPD component
that handles incoming ASCII file transfers.

Impact:

An attacker capable of uploading files to the vulnerable system can
trigger a buffer overflow and execute arbitrary code to gain complete
control of the system. Attackers may use this vulnerability to
destroy, steal, or manipulate data on vulnerable FTP sites.

Affected Versions:

ProFTPD 1.2.7
ProFTPD 1.2.8
ProFTPD 1.2.8rc1
ProFTPD 1.2.8rc2
ProFTPD 1.2.9rc1
ProFTPD 1.2.9rc2

Note: Versions previous to version 1.2.7 may also be vulnerable.

For the complete ISS X-Force Security Advisory, please visit:
http://xforce.iss.net/xforce/alerts/id/154

______

About Internet Security Systems (ISS) Founded in 1994, Internet
Security Systems (ISS) (Nasdaq: ISSX) is a pioneer and world leader
in software and services that protect critical online resources from
an ever-changing spectrum of threats and misuse.  Internet Security
Systems is headquartered in Atlanta, GA, with additional operations
throughout the Americas, Asia, Australia, Europe and the Middle East.

Copyright (c) 2003 Internet Security Systems, Inc. All rights reserved
worldwide.

Permission is hereby granted for the electronic redistribution of
this document. It is not to be edited or altered in any way without
the express written consent of the Internet Security Systems
X-Force. If you wish to reprint the whole or any part of this
document in any other medium excluding electronic media, please email
xforce@iss.net for permission.

Disclaimer: The information within this paper may change without
notice.  Use of this information constitutes acceptance for use in an
AS IS condition. There are NO warranties, implied or otherwise, with
regard to this information or its use. Any use of this information is
at the user's risk. In no event shall the author/distributor
(Internet Security Systems X-Force) be held liable for any damages
whatsoever arising out of or in connection with the use or spread of
this information.  X-Force PGP Key available on MIT's PGP key server
and PGP.com's key server, as well as at
http://www.iss.net/security_center/sensitive.php Please send
suggestions, updates, and comments to: X-Force xforce@iss.net of
Internet Security Systems, Inc.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBP3BeFTRfJiV99eG9AQG2ngP/XopPpEYCbR6HSYhObaK+c2D32kwfiQEP
CJqXmoljU661kBKvL2RclLF8tutegL3T44/5utBuVgzCWALSRrJiJgZMWafRtE7m
lnl7V5Rzo7aEBxhmiaOqdLoNgzNd8NTtSkPrcFQZxjrQe9FvpIgsyiuY6ADNoDfH
mXStpCwCFWg=
=TZR3
-----END PGP SIGNATURE-----
(10733266) /Dave Ahmad <da@securityfocus.com>/(Ombruten)
10735083 2003-09-23 23:06 -0700 /93 rader/ Slackware Security Team <security@slackware.com>
Sänt av: owner-slackware-security@slackware.com
Importerad: 2003-09-24 08:18 av Brevbäraren
Extern mottagare: slackware-security@slackware.com
Externa svar till: security@slackware.com
Mottagare: mlistläsande petli <1668>
Mottagare: Bugtraq (import) <29158>
    Sänt:     2003-09-24 18:23
Ärende: [slackware-security]  ProFTPD Security Advisory (SSA:2003-259-02)
------------------------------------------------------------

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  ProFTPD Security Advisory (SSA:2003-259-02)

Upgraded ProFTPD packages are available for Slackware 8.1, 9.0 and
- -current.  These fix a security issue where an attacker could gain
a root shell by downloading a specially crafted file.


Here are the details from the Slackware 9.0 ChangeLog:
+--------------------------+
Tue Sep 23 14:43:10 PDT 2003
n/proftpd-1.2.8p-i486-1.tgz:  Upgraded to proftpd-1.2.8p (patched).
  This fixes a security problem in ProFTPD.  From http://www.proftpd.org:

    X-Force Research at ISS has discovered a remote exploit in
    ProFTPD's handling of ASCII translations that an attacker, by
    downloading a carefully crafted file, can exploit and gain a root
    shell.  The source distributions on ftp.proftpd.org have all been
    replaced with patched versions. All ProFTPD users are strongly
    urged to upgrade to one of the patched versions as soon as
    possible.

  Note that the upgraded package does not change the displayed
  version number to 1.2.8p (it remains 1.2.8), but we've verified the
  source code to make sure that this is in fact the patched version.
  We recommend all sites running ProFTPD upgrade to the new package
  right away.
  (* Security fix *)
+--------------------------+


WHERE TO FIND THE NEW PACKAGES:
+-----------------------------+

Updated package for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/proftpd-1.2.8p-i386-1.tgz

Updated package for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/proftpd-1.2.8p-i386-1.tgz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/proftpd-1.2.8p-i486-1.tgz


MD5 SIGNATURES:
+-------------+

Slackware 8.1 package:
8b31d10bab91a0d4a22c7eac69a90087  proftpd-1.2.8p-i386-1.tgz

Slackware 9.0 package:
391d5e24bade1ff98281465d230ddad5  proftpd-1.2.8p-i386-1.tgz

Slackware -current package:
2636a2306a6acb0d8726995de9013678  proftpd-1.2.8p-i486-1.tgz


INSTALLATION INSTRUCTIONS:
+------------------------+

Upgrade using upgradepkg (as root):
# upgradepkg proftpd-1.2.8p-i386-1.tgz



+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+------------------------------------------------------------------------+
| HOW TO REMOVE YOURSELF FROM THIS MAILING LIST:                         |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back.  Follow the instructions to  |
| complete the unsubscription.  Do not reply to this message to          |
| unsubscribe!                                                           |
+------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/cS5vakRjwEAQIjMRAkFrAJwJKwrmG8uQcfV7F2t7iYLJc0Ct2wCfU+Ju
iXVgdLU5x2/hPLKAZqo0qXU=
=IFC8
-----END PGP SIGNATURE-----
(10735083) /Slackware Security Team <security@slackware.com>/(Ombruten)