proftpd vulnerability

Requests for RPMS, or new coding projects related to server administration, Plesk, security, or anything else you can think of.
BruceLee
Forum Regular
Forum Regular
Posts: 879
Joined: Sat Mar 28, 2009 6:58 pm
Location: Germany

proftpd vulnerability

Unread post by BruceLee »

Unauthenticated copying of files via SITE CPFR/CPTO allowed by mod_copy
SOURCE:
http://bugs.proftpd.org/show_bug.cgi?id=4169
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8330
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:

Re: proftpd vulnerability

Unread post by scott »

The atomic packages are not affected by this vulnerability as they are not built with CPTO support. I havent had the opportunity to confirm this on the default plesk packages as of yet. The following is a method to determine of your proftp install does support this:


1) connect to the server

2) Authentication is not required, but it doesnt hurt

3)run the command:
site cpfr /etc/passwd

a vulnerable version will return something like
"350 File or directory exists, ready for destination name"

otherwise a version that does not support mod_copy will return:

500 'SITE CPFR' not understood
BruceLee
Forum Regular
Forum Regular
Posts: 879
Joined: Sat Mar 28, 2009 6:58 pm
Location: Germany

Re: proftpd vulnerability

Unread post by BruceLee »

Great. Thanks for the detailed info.
faris
Long Time Forum Regular
Long Time Forum Regular
Posts: 2321
Joined: Thu Dec 09, 2004 11:19 am

Re: proftpd vulnerability

Unread post by faris »

Some posts on the Odin forums indicate the stock version is not vulnerable. But I have not tested personally.
--------------------------------
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>
prupert
Forum Regular
Forum Regular
Posts: 573
Joined: Tue Aug 01, 2006 2:45 pm
Location: Netherlands

Re: proftpd vulnerability

Unread post by prupert »

faris wrote:Some posts on the Odin forums indicate the stock version is not vulnerable. But I have not tested personally.
The Plesk stock version of psa-proftpd is not vulnerable indeed.

Code: Select all

ftp> site cpfr /etc/passwd
500 'SITE CPFR' not understood
Lemonbit Internet Dedicated Server Management
Post Reply