From: John Morrissey (jwmHORDE.NET)
Date: Tue Feb 06 2001 - 19:17:33 CST

    =======
    Summary
    =======

    Three issues with the ProFTPD FTP server have been reported to BUGTRAQ in
    the past month. These issues have been addressed by the ProFTPD core team.

    The following vulnerabilities are addressed in this advisory:

    1. "SIZE memory leak"
       http://www.securityfocus.com/archive/1/151991
       Reported by Wojciech Purczynski <wpELZABSOFT.PL>

    2. "USER memory leak"
       http://www.securityfocus.com/archive/1/155349
       Reported by Wojciech Purczynski <wpELZABSOFT.PL>

    3. "Minor format string vulnerabilities"
       http://www.securityfocus.com/archive/1/155428
       Reported by Przemyslaw Frasunek <venglinFREEBSD.LUBLIN.PL>

    All three are thought to exist in all previous 1.2.0 test releases
    (1.2.0pre[1-10], 1.2.0rc[1-2]). All three now have been fixed, and patches
    have been committed to the ProFTPD CVS repository. A new release, 1.2.0rc3,
    containing these fixes has been made available as of 5 February and is
    available from:

            http://www.proftpd.org/download.html
            ftp://ftp.proftpd.org/distrib/proftpd-1.2.0rc3.tar.gz

    Instructions for accessing the CVS repository via Anonymous CVS are
    available at:

            http://www.proftpd.org/docs/cvs.html

    =====================
    1. "SIZE memory leak"
    =====================

    ProFTPD may leak memory when commands are executed. However, this leak will
    take place *only* if ProFTPD's scoreboard file is not writable. If ProFTPD
    is installed properly and is allowed to write to the scoreboard file, no
    leak will take place. The scoreboard file is created in
    /usr/local/var/proftpd/ in a standard installation from source. If you did
    not install ProFTPD from sources, please contact your vendor for the
    intended location of your scoreboard file.

    More information, including patches, can be found at
    http://bugs.proftpd.net/show_bug.cgi?id=408

    =====================
    2. "USER memory leak"
    =====================

    A memory leak in the USER command was found. Issuing additional USER
    commands causes the ProFTPD server to consume additional memory.

    More information, including patches, can be found at
    http://bugs.proftpd.net/show_bug.cgi?id=408

    ========================================
    3. "Minor format string vulnerabilities"
    ========================================

    Two minor format string vulnerabilities were found in ProFTPD. Due to the
    nature of the data processed by the affected sections of code, these
    vulnerabilities are very difficult, if not impossible, to exploit.

    A full audit was done on the callers of any functions that accept
    printf-like format arguments. One minor, unexploitable issue was found in a
    third-party module (mod_ratio) and has been fixed. No other format string
    vulnerabilities were found.

    More information, including patches, can be found at
    http://bugs.proftpd.net/show_bug.cgi?id=430

    --
    John Morrissey          _o            /\         ----  __o
    jwmhorde.net        _-< \_          /  \       ----  <  \,
    www.horde.net/    __(_)/_(_)________/    \_______(_) /_(_)__
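
The audit described in section 3 (reviewing every caller of a printf-like function) can be partly mechanized. The following is an added example, not part of the original advisory or of ProFTPD's code: a small scanner that flags calls whose format argument is not a string literal. The function table, the log_msg name and the C sample are constructed assumptions.

```python
import re

# Assumed table: printf-like function -> zero-based index of its format argument.
# log_msg is a hypothetical project logger, not a real ProFTPD function.
PRINTF_LIKE = {"printf": 0, "fprintf": 1, "snprintf": 2, "syslog": 1, "log_msg": 1}
CALL = re.compile(r"\b(%s)\s*\(" % "|".join(map(re.escape, PRINTF_LIKE)))

def split_args(src, start):
    """Split a C argument list; start is the index just after the opening '('."""
    args, cur, depth, i = [], [], 0, start
    while i < len(src):
        ch = src[i]
        if ch in "\"'":                      # copy string/char literals verbatim
            j = i + 1
            while j < len(src) and src[j] != ch:
                j += 2 if src[j] == "\\" else 1
            cur.append(src[i:j + 1])
            i = j + 1
            continue
        if ch == "(":
            depth += 1
        elif ch == ")":
            if depth == 0:                   # end of this call's argument list
                args.append("".join(cur).strip())
                return args
            depth -= 1
        elif ch == "," and depth == 0:       # top-level separator
            args.append("".join(cur).strip())
            cur, i = [], i + 1
            continue
        cur.append(ch)
        i += 1
    return args                              # unbalanced input: return what was parsed

def audit(src):
    """Return (line, function, format_argument) for each non-literal format."""
    findings = []
    for m in CALL.finditer(src):
        args = split_args(src, m.end())
        idx = PRINTF_LIKE[m.group(1)]
        if idx < len(args) and not args[idx].startswith('"'):
            findings.append((src.count("\n", 0, m.start()) + 1, m.group(1), args[idx]))
    return findings

# Constructed C sample: lines 5, 7 and 8 pass non-literal data as the format.
SAMPLE = r'''
void handle(const char *arg, int n)
{
    log_msg(LOG_INFO, "SIZE %s", arg);
    log_msg(LOG_INFO, arg);
    snprintf(buf, sizeof(buf), "%d, %s", n, arg);
    snprintf(buf, sizeof(buf), arg);
    fprintf(stderr, strerror(errno));
}
'''
```

Each hit is a candidate for manual review rather than a confirmed bug, and the scanner also matches function definitions and text inside comments. GCC and Clang perform the same check at compile time with -Wformat-security when the function carries a printf format attribute.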