diff options
author | Remko Lodder <remko@FreeBSD.org> | 2010-11-23 16:38:51 +0000 |
---|---|---|
committer | Remko Lodder <remko@FreeBSD.org> | 2010-11-23 16:38:51 +0000 |
commit | 9cdf36a2e6818c9934b5b369806619a3c99ca012 (patch) | |
tree | 14d2cb259f2c8687b1b708e514fa6134ce10c179 /security/vuxml/vuln.xml | |
parent | 192aaac600cc5cdb7332fa9abb205edc8eb45f01 (diff) | |
download | ports-9cdf36a2e6818c9934b5b369806619a3c99ca012.tar.gz ports-9cdf36a2e6818c9934b5b369806619a3c99ca012.zip |
Add proftpd remote root vulnerability.
Based on: Vladimir Nikolic <vladimir dot nikolic at amis dot net>
Feature proof: yes
With hat: secteam
Notes
Notes:
svn path=/head/; revision=265014
Diffstat (limited to 'security/vuxml/vuln.xml')
-rw-r--r-- | security/vuxml/vuln.xml | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index bccfbdf3d82b..9276aac4394d 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,43 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="533d20e7-f71f-11df-9ae1-000bcdf0a03b"> + <topic>proftpd -- remote code execution vulnerability</topic> + <affects> + <package> + <name>proftpd</name> + <range><lt>1.3.3c</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Tippingpoint reports:</p> + <blockquote cite="http://www.zerodayinitiative.com/advisories/ZDI-10-229/"> + <p>This vulnerability allows remote attackers to execute arbitrary + code on vulnerable installations of ProFTPD. Authentication is not + required to exploit this vulnerability.</p> + + <p>The flaw exists within the proftpd server component which + listens by default on TCP port 21. When reading user input if a + TELNET_IAC escape sequence is encountered the process + miscalculates a buffer length counter value allowing a user + controlled copy of data to a stack buffer. A remote attacker can + exploit this vulnerability to execute arbitrary code under the + context of the proftpd process.</p> + </blockquote> + </body> + </description> + <references> + <bid>44562</bid> + <cvename>CVE-2010-4221</cvename> + <url>http://www.zerodayinitiative.com/advisories/ZDI-10-229/</url> + </references> + <dates> + <discovery>2010-11-FIXME</discovery> + <entry>2010-11-23</entry> + </dates> + </vuln> + <vuln vid="3042c33a-f237-11df-9d02-0018fe623f2b"> <topic>openssl -- TLS extension parsing race condition</topic> <affects> |