ID CVE-2011-0988 Type cve Reporter cve@mitre.org Modified 2017-08-17T01:33:00
Description
pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3 and SP4, and Enterprise Desktop 10 SP3 and SP4, when running OES Netware extensions, creates a world-writeable directory, which allows local users to overwrite arbitrary files and gain privileges via unspecified vectors.
{"nessus": [{"lastseen": "2019-02-21T01:14:44", "bulletinFamily": "scanner", "description": "pure-ftpd was updated to fix a security issue with an Open Enterprise Server specific patch :\n\n - A worldwriteable directory created and used by the OES pure-ftpd Netware extensions could be used by local attackers to overwrite system files and so gain privileges. (CVE-2011-0988)", "modified": "2012-05-17T00:00:00", "id": "SUSE_PURE-FTPD-7428.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=53318", "published": "2011-04-07T00:00:00", "title": "SuSE 10 Security Update : pure-ftpd (ZYPP Patch Number 7428)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(53318);\n script_version (\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2012/05/17 11:20:15 $\");\n\n script_cve_id(\"CVE-2011-0988\");\n\n script_name(english:\"SuSE 10 Security Update : pure-ftpd (ZYPP Patch Number 7428)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"pure-ftpd was updated to fix a security issue with an Open Enterprise\nServer specific patch :\n\n - A worldwriteable directory created and used by the OES\n pure-ftpd Netware extensions could be used by local\n attackers to overwrite system files and so gain\n privileges. (CVE-2011-0988)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0988.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7428.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/04/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2012 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"pure-ftpd-1.0.22-0.18.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"pure-ftpd-1.0.22-0.18.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 4.4, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:15:46", "bulletinFamily": "scanner", "description": "pure-ftpd was updated to fix a security issue with an Open Enterprise Server specific patch :\n\n - A worldwriteable directory created and used by the OES pure-ftpd Netware extensions could be used by local attackers to overwrite system files and so gain privileges. (CVE-2011-0988)", "modified": "2012-05-17T00:00:00", "id": "SUSE_PURE-FTPD-7426.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=57245", "published": "2011-12-13T00:00:00", "title": "SuSE 10 Security Update : pure-ftpd (ZYPP Patch Number 7426)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57245);\n script_version (\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2012/05/17 11:20:15 $\");\n\n script_cve_id(\"CVE-2011-0988\");\n\n script_name(english:\"SuSE 10 Security Update : pure-ftpd (ZYPP Patch Number 7426)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"pure-ftpd was updated to fix a security issue with an Open Enterprise\nServer specific patch :\n\n - A worldwriteable directory created and used by the OES\n pure-ftpd Netware extensions could be used by local\n attackers to overwrite system files and so gain\n privileges. (CVE-2011-0988)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0988.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7426.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2012 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"pure-ftpd-1.0.22-0.18.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"pure-ftpd-1.0.22-0.18.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 4.4, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
