You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa proftpd

Sigurnosni nedostatak programskog paketa proftpd

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2015-6401
2015-04-18 05:44:50
——————————————————————————–

Name : proftpd
Product : Fedora 20
Version : 1.3.4e
Release : 3.fc20
URL : http://www.proftpd.org/
Summary : Flexible, stable and highly-configurable FTP server
Description :
ProFTPD is an enhanced FTP server with a focus toward simplicity, security,
and ease of configuration. It features a very Apache-like configuration
syntax, and a highly customizable server infrastructure, including support for
multiple ‘virtual’ FTP servers, anonymous FTP, and permission-based directory
visibility.

This package defaults to the standalone behavior of ProFTPD, but all the
needed scripts to have it run by xinetd instead are included.

——————————————————————————–
Update Information:

Vadim Melihow reported a critical issue with proftpd installations that use the mod_copy module’s SITE CPFR/SITE CPTO commands; mod_copy allows these commands to be used by *unauthenticated clients*

Upstream report:
http://bugs.proftpd.org/show_bug.cgi?id=4169

This update contains a backported fix for this issue.

Note that mod_copy is not loaded/enabled by default in the Fedora package.
——————————————————————————–
ChangeLog:

* Thu Apr 23 2015 Paul Howarth <paul@city-fan.org> – 1.3.4e-3
– Fix failure to load mod_copy by removing references to function that has not
been backported
* Wed Apr 15 2015 Paul Howarth <paul@city-fan.org> – 1.3.4e-2
– Unauthenticated copying of files via SITE CPFR/CPTO was allowed by mod_copy
(CVE-2015-3306, http://bugs.proftpd.org/show_bug.cgi?id=4169)
– Fix wrong size in memset in mod_sftp_pam causing compiler warning
* Mon Feb 16 2015 Paul Howarth <paul@city-fan.org> – 1.3.4e-1
– Update to 1.3.4e
– Fixed numerous upstream-reported bugs:
– Spurious log messages at session close (bug 3945)
– LogFormat %f variable not resolved properly for SFTP renames (bug 3947)
– mod_delay allows too-large values, leading to client hang on
authentication (bug 3858)
– Null pointer dereference for mod_ldap logins when LDAPDefaultAuthScheme
not configured (bug 3951)
– scp downloads result in segfault (bug 3954)
– ProFTPD configuration with thousands of <Directory>/<Limit> sections
leads to slow logins (bug 3957)
– mod_sftp does not honor <Directory>/<Limit> sections when symlinks are
involved (bug 3959)
– Directory creation does not honor single-parameter Umask setting
(bug 3958)
– Directory creation fails (chmod(2) EPERM) when root privs are used in
some cases (bug 3962)
– Authentication error on Cygwin due to bad code (bug 3972)
– mod_sftp can be forced to allocate too much memory for
keyboard-interactive authentication (bug 3973, CVE-2013-4359)
– PathDenyFilter directive does not work as expected for SFTP sessions
(bug 3974)
– Improve permission setting when creating directories (bug 3963)
– Null pointer dereference in mod_exec with ExecOption useStdin (bug 3981)
– Support filesystems that do not support chmod(2)/chown(2), e.g. FAT/ExFAT
(bug 3986)
– SSL session caching modules use incorrect OpenSSL cache mode flags,
breaking session caching (bug 3991)
– ProFTPD should not use fd 2 (stderr) for files (bug 3970)
– RSA signature issue when connecting using PuTTY/WinSCP (bug 3992)
– mod_sftp fails key exchange for 8192-bit DH group (bug 4001)
– IgnoreSCPUploadPerms SFTPOption not honored properly for SCP directory
upload (bug 4004)
– RADIUS “service-type” attribute encoded with wrong length on 64-bit
system (bug 4006)
– SCP upload of shorter file does not completely overwrite existing file of
same name (bug 4013)
– “Directory not empty” error when creating directory is misleading
(bug 4022)
– Restarting proftpd with mod_sftp fails due to permissions on SFTPHostKey
file (bug 4032)
– SSH publickey authentication fails with “MaxLoginAttempts 1” (bug 4034)
– ALLO command failed because of bad size check (bug 4046)
– Race condition in mod_ban can lead to segfault of all new connections
(bug 4048)
– MIC command between RNFR and RNTO should not be rejected (bug 4042)
– mod_facl prevents a normal SIGHUP reload (bug 4044)
– Drop patches for issues resolved in new upstream release
– Anonymous upload directory specification needs to be slightly different if
mod_vroot is in use (#1045922)
http://sourceforge.net/p/proftp/mailman/message/31728570/
– Backport some changes from upstream’s 1.3.5 release to get the API tests to
build
– Use %license where possible
* Fri Dec 20 2013 Paul Howarth <paul@city-fan.org> 1.3.4d-5
– Fix support for 8192-bit DH parameters (#1044586)
– Add 3072-bit and 7680-bit DH parameters (upstream bug 4002)
——————————————————————————–
References:

[ 1 ] Bug #1212386 – CVE-2015-3306 proftpd: unauthenticated copying of files via SITE CPFR/CPTO allowed by mod_copy
https://bugzilla.redhat.com/show_bug.cgi?id=1212386
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update proftpd’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

AutorMarko Stanec
Cert idNCERT-REF-2015-05-0021-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa clamav

Otkriveni su sigurnosni nedostaci u programskom paketu clamav za operacijski sustav Fedora. Otkriveni nedostaci potencijalnim napadačima omogućuju rušenje programskog paketa....

Close