Atomicorp

Security for Everyone
https://forums.atomicorp.com/

proftpd vulnerability

https://forums.atomicorp.com/viewtopic.php?t=8033

Page 1 of 1

proftpd vulnerability

Posted: Thu May 21, 2015 4:59 am
by BruceLee
Unauthenticated copying of files via SITE CPFR/CPTO allowed by mod_copy
SOURCE:
http://bugs.proftpd.org/show_bug.cgi?id=4169

Re: proftpd vulnerability

Posted: Thu May 21, 2015 9:55 am
by scott
The atomic packages are not affected by this vulnerability as they are not built with CPTO support. I havent had the opportunity to confirm this on the default plesk packages as of yet. The following is a method to determine of your proftp install does support this:


1) connect to the server

2) Authentication is not required, but it doesnt hurt

3)run the command:
site cpfr /etc/passwd

a vulnerable version will return something like
"350 File or directory exists, ready for destination name"

otherwise a version that does not support mod_copy will return:

500 'SITE CPFR' not understood

Re: proftpd vulnerability

Posted: Thu May 21, 2015 10:18 am
by BruceLee
Great. Thanks for the detailed info.

Re: proftpd vulnerability

Posted: Thu May 21, 2015 10:18 am
by faris
Some posts on the Odin forums indicate the stock version is not vulnerable. But I have not tested personally.

Re: proftpd vulnerability

Posted: Thu May 21, 2015 7:12 pm
by prupert
faris wrote:Some posts on the Odin forums indicate the stock version is not vulnerable. But I have not tested personally.
The Plesk stock version of psa-proftpd is not vulnerable indeed.

Code: Select all

ftp> site cpfr /etc/passwd
500 'SITE CPFR' not understood
All times are UTC-04:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited