Anonymous | Login | 2024-05-17 06:20 CEST |
Main | My View | View Issues |
Viewing Issue Advanced Details [ Jump to Notes ] | [ View Simple ] [ Issue History ] [ Print ] | ||||||
ID | Category | Severity | Reproducibility | Date Submitted | Last Update | ||
0001946 | [proftpd] upgrade | major | always | 2006-11-28 05:47 | 2010-10-24 11:35 | ||
Reporter | blindpassenger | View Status | public | ||||
Assigned To | ai | ||||||
Priority | normal | Resolution | fixed | Platform | |||
Status | closed | OS | |||||
Projection | none | OS Version | |||||
ETA | none | Product Build | |||||
Summary | 0001946: CVE-2006-5815: remote code execution in ProFTPD | ||||||
Description |
Copied from www.proftpd.org: On 6 November 2006, Evgeny Legerov <admin@gleg.net> posted to BUGTRAQ[1], announcing his commercial VulnDisco Pack for Metasploit 2.7[2]. One of the included exploits, vd_proftpd.pm, takes advantage of an off-by-one string manipulation flaw in ProFTPD\'s sreplace() function to allow a remote attacker to execute arbitrary code. This vulnerabillity, identified as CVE-2006-5815[3], is believed to affect all versions of ProFTPD up to and including 1.3.0, but exploitability has only been demonstrated with version 1.3.0rc3. The demonstrated exploit relies on write access via FTP for exploitability, but other attack vectors may make exploitation of a read-only FTP server possible. This vulnerability has been patched[4] in the latest release of ProFTPD, 1.3.0a, which is available from the ProFTPD web site, http://www.proftpd.org/. [^] Mitigation techniques have also been developed for use until a patched version can be installed. |
||||||
Steps To Reproduce | |||||||
Additional Information | |||||||
Tags | No tags attached. | ||||||
Attached Files | |||||||
|
Copyright © 2000 - 2008 Mantis Group |