[atomic] psa-proftpd 1.3.3c
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
[atomic] psa-proftpd 1.3.3c
This is duplicated from the ASL 2.0 repo.
http://www.atomicorp.com/news/security-update.html
Atomicorp Security Advisory
Level: Moderate to High
This is an important security update for psa-proftpd. Versions from 1.2.10rc1 to 1.3.3b are vulnerable to certain classes of attack that would allow a malicious user to:
* create a directory located outside the writable directory
* delete a directory located outside the writable directory
* create a symlink located outside the writable directory
* change the time of a file located outside the writable directory
It is highly recommended that psa-proftpd users upgrade to 1.3.3c at their earliest opportunity.
Changelog:
- Update to version 1.3.3c
To upgrade:
yum upgrade psa-proftpd
Credits: We would like to thank BruceLee for bringing this issue to our attention, and the proftpd team for their rapid response in resolving this issue.
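As an added example (this is editor-written code, not part of the advisory or of the Atomicorp packages), a small Python check that parses the version string rpm reports and says whether it falls inside the range the advisory names. The version grammar it accepts (major.minor.patch, an optional letter suffix as in 1.3.3b, an optional rcN as in 1.2.10rc1) is an assumption drawn only from the versions quoted above; the rpm query under the main guard is how the installed version would be fetched on a Plesk host.

```python
import re
import subprocess

# Range stated in the advisory: 1.2.10rc1 through 1.3.3b are affected, 1.3.3c is fixed.
VULN_FIRST = "1.2.10rc1"
FIXED_IN = "1.3.3c"

# Assumed version grammar, drawn from the versions quoted in the advisory:
# major.minor.patch, optional single-letter suffix ("1.3.3b"), optional rcN ("1.2.10rc1").
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)([a-z])?(?:rc(\d+))?$")


def parse_version(version):
    """Turn a ProFTPD version string into a tuple that sorts in release order.

    Ordering within one patch level: rc releases < bare release < lettered releases,
    so 1.2.10rc1 < 1.2.10 and 1.3.3 < 1.3.3a < 1.3.3b < 1.3.3c.
    """
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError("unrecognised ProFTPD version: %r" % version)
    major, minor, patch, letter, rc = m.groups()
    if rc is not None:
        stage = (0, int(rc))          # release candidate: before the final release
    elif letter is None:
        stage = (1, 0)                # the final release itself
    else:
        stage = (2, ord(letter) - ord("a") + 1)  # lettered maintenance release
    return (int(major), int(minor), int(patch)) + stage


def is_vulnerable(version):
    """True if the version lies in the advisory's affected range [1.2.10rc1, 1.3.3c)."""
    v = parse_version(version)
    return parse_version(VULN_FIRST) <= v < parse_version(FIXED_IN)


def installed_version(package="psa-proftpd"):
    """Ask rpm for the installed version of the package; None if it is not installed."""
    try:
        out = subprocess.check_output(
            ["rpm", "-q", "--qf", "%{VERSION}", package], stderr=subprocess.STDOUT
        )
    except (OSError, subprocess.CalledProcessError):
        return None
    return out.decode("ascii", "replace").strip()


if __name__ == "__main__":
    ver = installed_version()
    if ver is None:
        print("psa-proftpd is not installed (or rpm is unavailable)")
    elif is_vulnerable(ver):
        print("psa-proftpd %s is in the affected range; run: yum upgrade psa-proftpd" % ver)
    else:
        print("psa-proftpd %s is outside the affected range" % ver)
```

Run it on the host after `yum upgrade psa-proftpd` to confirm the package really moved to 1.3.3c; the comparison is deliberately strict on the lower bound too, so an ancient 1.2.9 is reported as outside the advisory's range rather than silently treated as safe or unsafe.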
Re: [atomic] psa-proftpd 1.3.3c
Thanks Scott for providing the fix so quickly.
Re: [atomic] psa-proftpd 1.3.3c
Yes, this could have been a really bad problem. I'm really glad it is solved -- thanks Scott!!!
--------------------------------
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>
- mikeshinn
- Atomicorp Staff - Site Admin
- Posts: 4149
- Joined: Thu Feb 07, 2008 7:49 pm
- Location: Chantilly, VA
Re: [atomic] psa-proftpd 1.3.3c
If this vuln was actually against chroot then the ASL kernel would stop this vuln. ASL chroots are more like jails, it's pretty hard to escape from them, so if they actually called the chroot function you're safe - if they use their own non-kernel-enforced faux-chroot-like thing, well yeah, they have a hole.
Michael Shinn
Atomicorp - Security For Everyone
Re: [atomic] psa-proftpd 1.3.3c
If I install it I get an error, ECONNREFUSED, and I cannot connect to my FTP server.
- mikeshinn
- Atomicorp Staff - Site Admin
- Posts: 4149
- Joined: Thu Feb 07, 2008 7:49 pm
- Location: Chantilly, VA
Re: [atomic] psa-proftpd 1.3.3c
What's in your system logs? And are you running ASL?
Michael Shinn
Atomicorp - Security For Everyone
Re: [atomic] psa-proftpd 1.3.3c
I'm not running ASL, but when I update this service I cannot connect to my FTP.
I use Plesk.
Where can I see the log?
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: [atomic] psa-proftpd 1.3.3c
/var/log/secure, and /var/log/messages are good places to start
Re: [atomic] psa-proftpd 1.3.3c
This is the FileZilla log:
Stato: Connessione a ******:21...
Stato: Tentativo di connessione non riuscito con "ECONNREFUSED - Connection refused by server".
Errore: Impossibile collegarsi al server
But in /var/log/messages and in /var/log/secure I have no logs for FTP.
Last edited by camaran on Mon Nov 08, 2010 3:54 pm, edited 1 time in total.
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: [atomic] psa-proftpd 1.3.3c
I'm not sure what that's saying there, think you could translate that to English for me?
Re: [atomic] psa-proftpd 1.3.3c
Done
scott wrote: I'm not sure what that's saying there, think you could translate that to English for me?
Re: [atomic] psa-proftpd 1.3.3c
Same thing for me: yum update on a fresh server with Plesk 10.0.1 and now FTP doesn't work. I have proftpd 1.3.3c installed.
ftp localhost gives connection refused. Nothing logged in messages or secure... also proftpd.conf was wiped. Copied proftpd.conf from another Plesk server but still not working.
Any ideas?
Thanks for any help.
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: [atomic] psa-proftpd 1.3.3c
You know, I think breun probably figured this one out: you have to re-install the Plesk xinetd package, whose name escapes me at the moment.
Re: [atomic] psa-proftpd 1.3.3c
Didn't take long and there they go:
212.xxx.xxx.xxx (85.xxx.xxx.xxx[85.xxx.xxx.xxx]) - client sent too-long command, ignoring
Thanks to Atomicorp we are safe from attacks concerning that vulnerability.
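The "client sent too-long command, ignoring" line above is the signal a defender would want to count per source address to see how often a host is being probed after the upgrade. As an added example (editor-written, not code from Atomicorp or the ProFTPD project), a small Python parser for lines in the shape the post shows, run over a constructed sample; the sample addresses are from the documentation ranges 203.0.113.0/24 and 198.51.100.0/24, not real hosts, and the tolerance for a leading syslog prefix (timestamp, hostname, `proftpd[pid]:`) in front of the line is an assumption about how the same message looks in /var/log/messages.

```python
import re
from collections import Counter

# Constructed sample in the shape of the proftpd log line quoted in the post above.
# Addresses are documentation-range addresses (203.0.113.0/24, 198.51.100.0/24), not real hosts.
SAMPLE_LOG = """\
203.0.113.10 (198.51.100.7[198.51.100.7]) - client sent too-long command, ignoring
203.0.113.10 (198.51.100.7[198.51.100.7]) - client sent too-long command, ignoring
203.0.113.10 (198.51.100.7[198.51.100.7]) - client sent too-long command, ignoring
203.0.113.10 (198.51.100.22[198.51.100.22]) - FTP session opened.
203.0.113.10 (198.51.100.22[198.51.100.22]) - client sent too-long command, ignoring
203.0.113.10 (198.51.100.22[198.51.100.22]) - FTP session closed.
"""

# server_ip (client_host[client_ip]) - message
# Searched rather than anchored at the start, so a syslog prefix before the server
# address (assumed format: "Mon DD HH:MM:SS host proftpd[pid]: ...") is tolerated.
_LINE_RE = re.compile(
    r"(?P<server>\S+) \((?P<client_host>[^\[]*)\[(?P<client_ip>[^\]]*)\]\) - (?P<msg>.*)$"
)

TOO_LONG = "client sent too-long command, ignoring"


def parse_line(line):
    """Split one log line into its fields; None if the line is not in this format."""
    m = _LINE_RE.search(line.rstrip("\n"))
    return m.groupdict() if m else None


def too_long_by_client(log_text):
    """Count 'too-long command' events per client IP across the log text."""
    counts = Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and rec["msg"] == TOO_LONG:
            counts[rec["client_ip"]] += 1
    return dict(counts)


def flag_clients(log_text, threshold=3):
    """Client IPs that produced at least `threshold` too-long commands, busiest first."""
    counts = too_long_by_client(log_text)
    hits = [ip for ip, n in counts.items() if n >= threshold]
    return sorted(hits, key=lambda ip: (-counts[ip], ip))


if __name__ == "__main__":
    import sys
    # Pass a log file path (for example /var/log/messages) or run on the built-in sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_LOG
    for ip, n in sorted(too_long_by_client(text).items(), key=lambda kv: -kv[1]):
        print("%-15s %d" % (ip, n))
    print("flagged:", ", ".join(flag_clients(text)) or "none")
```

A single too-long command is noise a broken client can produce; the threshold exists so that only repeated senders are surfaced, and those are the addresses worth feeding to whatever host-level blocking the site already runs.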
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: [atomic] psa-proftpd 1.3.3c
Also I put out an update yesterday that should integrate with Plesk 10. It merges in the xinetd package from plesk 9.