ID FEDORA:1867821FBC Type fedora Reporter Fedora Modified 2013-09-24T00:21:03
Description
ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based directo ry visibility. This package defaults to the standalone behavior of ProFTPD, but all the needed scripts to have it run by xinetd instead are included.
{"id": "FEDORA:1867821FBC", "type": "fedora", "bulletinFamily": "unix", "title": "[SECURITY] Fedora 18 Update: proftpd-1.3.4d-4.fc18", "description": "ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based directo ry visibility. This package defaults to the standalone behavior of ProFTPD, but all the needed scripts to have it run by xinetd instead are included. ", "published": "2013-09-24T00:21:03", "modified": "2013-09-24T00:21:03", "cvss": {"score": 1.2, "vector": "AV:L/AC:H/Au:N/C:N/I:P/A:N"}, "href": "", "reporter": "Fedora", "references": [], "cvelist": ["CVE-2012-6095"], "lastseen": "2020-12-21T08:17:52", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-6095"]}, {"type": "openvas", "idList": ["OPENVAS:892606", "OPENVAS:1361412562310866908", "OPENVAS:1361412562310865258", "OPENVAS:865265", "OPENVAS:1361412562310865265", "OPENVAS:866908", "OPENVAS:865258", "OPENVAS:1361412562310865263", "OPENVAS:1361412562310892606", "OPENVAS:865263"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:28961", "SECURITYVULNS:VULN:12833"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2606-1:8B37F"]}, {"type": "nessus", "idList": ["SOLARIS11_PROFTPD_20130924.NASL", "MANDRIVA_MDVSA-2013-053.NASL", "DEBIAN_DSA-2606.NASL", "FEDORA_2013-0437.NASL", "FEDORA_2013-0483.NASL", "GENTOO_GLSA-201309-15.NASL", "PROFTPD_MKD_XMKD_FILE_OVERWRITE.NASL", "FEDORA_2013-0468.NASL"]}, {"type": "fedora", "idList": ["FEDORA:E535E215FB", "FEDORA:7168621B73", "FEDORA:76E8B2161B"]}, {"type": "gentoo", "idList": ["GLSA-201309-15"]}], "modified": "2020-12-21T08:17:52", "rev": 2}, "score": {"value": 6.0, "vector": "NONE", "modified": "2020-12-21T08:17:52", "rev": 2}, "vulnersScore": 6.0}, "affectedPackage": [{"OS": "Fedora", "OSVersion": "18", "arch": "any", "packageName": "proftpd", "packageVersion": "1.3.4d", "packageFilename": "UNKNOWN", "operator": "lt"}]}
{"cve": [{"lastseen": "2020-12-09T19:47:26", "description": "ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files via a race condition and a symlink attack on the (1) MKD or (2) XMKD commands.", "edition": 5, "cvss3": {}, "published": "2013-01-24T21:55:00", "title": "CVE-2012-6095", "type": "cve", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 1.2, "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-6095"], "modified": "2013-01-25T05:00:00", "cpe": ["cpe:/a:proftpd:proftpd:1.2.5", "cpe:/a:proftpd:proftpd:1.3.2", "cpe:/a:proftpd:proftpd:1.3.1", "cpe:/a:proftpd:proftpd:1.2.0", "cpe:/a:proftpd:proftpd:1.2.4", "cpe:/a:proftpd:proftpd:1.2.10", "cpe:/a:proftpd:proftpd:1.2.6", "cpe:/a:proftpd:proftpd:1.2.9", "cpe:/a:proftpd:proftpd:1.3.0", "cpe:/a:proftpd:proftpd:1.2.2", "cpe:/a:proftpd:proftpd:1.2.3", "cpe:/a:proftpd:proftpd:1.2.8", "cpe:/a:proftpd:proftpd:1.3.3", "cpe:/a:proftpd:proftpd:1.3.4", "cpe:/a:proftpd:proftpd:1.2.7", "cpe:/a:proftpd:proftpd:1.2.1"], "id": "CVE-2012-6095", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6095", "cvss": {"score": 1.2, "vector": "AV:L/AC:H/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:proftpd:proftpd:1.3.0:rc4:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.0:a:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.10:rc3:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.1:rc1:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.7:rc2:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.0:pre10:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.0:pre9:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.4:rc2:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.1:rc3:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.9:rc3:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.4:rc3:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.3:rc2:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.10:rc2:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.8:rc2:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.2:rc4:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.6:rc2:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.0:rc5:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.0:rc2:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.10:rc1:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.3:c:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.2:d:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.2:rc3:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.3:a:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.2:b:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.2:c:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.9:rc1:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.7:rc1:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.3:rc4:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.2:a:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.3:rc3:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.9:rc2:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.2:rc1:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.2:rc2:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.8:rc1:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.3:b:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.2:e:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.1:rc2:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.3.2:rc3:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.5:rc2:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.7:rc3:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.5:rc3:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:proftpd:proftpd:1.2.0:rc2:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-07-25T10:51:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6095"], "description": "Check for the Version of proftpd", "modified": "2017-07-10T00:00:00", "published": "2013-01-31T00:00:00", "id": "OPENVAS:865263", "href": "http://plugins.openvas.org/nasl.php?oid=865263", "type": "openvas", "title": "Fedora Update for proftpd FEDORA-2013-0437", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for proftpd FEDORA-2013-0437\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"ProFTPD is an enhanced FTP server with a focus toward simplicity, security,\n and ease of configuration. It features a very Apache-like configuration\n syntax, and a highly customizable server infrastructure, including support for\n multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory\n visibility.\n\n This package defaults to the standalone behavior of ProFTPD, but all the\n needed scripts to have it run by xinetd instead are included.\";\n\n\ntag_affected = \"proftpd on Fedora 18\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097758.html\");\n script_id(865263);\n script_version(\"$Revision: 6628 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-31 09:24:39 +0530 (Thu, 31 Jan 2013)\");\n script_cve_id(\"CVE-2012-6095\");\n script_tag(name:\"cvss_base\", value:\"1.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2013-0437\");\n script_name(\"Fedora Update for proftpd FEDORA-2013-0437\");\n\n script_summary(\"Check for the Version of proftpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"proftpd\", rpm:\"proftpd~1.3.4b~5.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 1.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-07-24T12:51:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6095"], "description": "It has been discovered that in ProFTPd, an FTP server, an attacker on\nthe same physical host as the server may be able to perform a symlink\nattack allowing to elevate privileges in some configurations.", "modified": "2017-07-07T00:00:00", "published": "2013-01-13T00:00:00", "id": "OPENVAS:892606", "href": "http://plugins.openvas.org/nasl.php?oid=892606", "type": "openvas", "title": "Debian Security Advisory DSA 2606-1 (proftpd-dfsg - symlink race)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2606.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2606-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"proftpd-dfsg on Debian Linux\";\ntag_insight = \"ProFTPd is a powerful FTP daemon supporting hidden directories, virtual\nhosts, and per-directory '.ftpaccess' files.\";\ntag_solution = \"For the stable distribution (squeeze), this problem has been fixed in\nversion 1.3.3a-6squeeze6.\n\nFor the testing distribution (wheezy), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.3.4a-3.\n\nWe recommend that you upgrade your proftpd-dfsg packages.\";\ntag_summary = \"It has been discovered that in ProFTPd, an FTP server, an attacker on\nthe same physical host as the server may be able to perform a symlink\nattack allowing to elevate privileges in some configurations.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(892606);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2012-6095\");\n script_name(\"Debian Security Advisory DSA 2606-1 (proftpd-dfsg - symlink race)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2013-01-13 00:00:00 +0100 (Sun, 13 Jan 2013)\");\n script_tag(name: \"cvss_base\", value:\"1.2\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:N/I:P/A:N\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2606.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"proftpd-basic\", ver:\"1.3.3a-6squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"proftpd-dev\", ver:\"1.3.3a-6squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"proftpd-doc\", ver:\"1.3.3a-6squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"proftpd-mod-ldap\", ver:\"1.3.3a-6squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"proftpd-mod-mysql\", ver:\"1.3.3a-6squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"proftpd-mod-odbc\", ver:\"1.3.3a-6squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"proftpd-mod-pgsql\", ver:\"1.3.3a-6squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"proftpd-mod-sqlite\", ver:\"1.3.3a-6squeeze6\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 1.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-02-06T13:10:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6095"], "description": "Check for the Version of proftpd", "modified": "2018-02-05T00:00:00", "published": "2013-01-31T00:00:00", "id": "OPENVAS:865258", "href": "http://plugins.openvas.org/nasl.php?oid=865258", "type": "openvas", "title": "Fedora Update for proftpd FEDORA-2013-0483", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for proftpd FEDORA-2013-0483\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"ProFTPD is an enhanced FTP server with a focus toward simplicity, security,\n and ease of configuration. It features a very Apache-like configuration\n syntax, and a highly customizable server infrastructure, including support for\n multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory\n visibility.\n\n This package defaults to the standalone behavior of ProFTPD, but all the\n needed scripts to have it run by xinetd instead are included.\";\n\n\ntag_affected = \"proftpd on Fedora 17\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097832.html\");\n script_id(865258);\n script_version(\"$Revision: 8672 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-05 17:39:18 +0100 (Mon, 05 Feb 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-31 09:24:31 +0530 (Thu, 31 Jan 2013)\");\n script_cve_id(\"CVE-2012-6095\");\n script_tag(name:\"cvss_base\", value:\"1.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"FEDORA\", value: \"2013-0483\");\n script_name(\"Fedora Update for proftpd FEDORA-2013-0483\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of proftpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"proftpd\", rpm:\"proftpd~1.3.4b~5.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 1.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2019-05-29T18:37:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6095"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-09-24T00:00:00", "id": "OPENVAS:1361412562310866908", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866908", "type": "openvas", "title": "Fedora Update for proftpd FEDORA-2013-16810", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for proftpd FEDORA-2013-16810\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866908\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-24 11:40:57 +0530 (Tue, 24 Sep 2013)\");\n script_cve_id(\"CVE-2012-6095\");\n script_tag(name:\"cvss_base\", value:\"1.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:N/I:P/A:N\");\n script_name(\"Fedora Update for proftpd FEDORA-2013-16810\");\n\n\n script_tag(name:\"affected\", value:\"proftpd on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-16810\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-September/116622.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'proftpd'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"proftpd\", rpm:\"proftpd~1.3.4d~4.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 1.2, "vector": "AV:L/AC:H/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:38:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6095"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-01-31T00:00:00", "id": "OPENVAS:1361412562310865258", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865258", "type": "openvas", "title": "Fedora Update for proftpd FEDORA-2013-0483", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for proftpd FEDORA-2013-0483\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097832.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865258\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-31 09:24:31 +0530 (Thu, 31 Jan 2013)\");\n script_cve_id(\"CVE-2012-6095\");\n script_tag(name:\"cvss_base\", value:\"1.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:N/I:P/A:N\");\n script_xref(name:\"FEDORA\", value:\"2013-0483\");\n script_name(\"Fedora Update for proftpd FEDORA-2013-0483\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'proftpd'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"proftpd on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"proftpd\", rpm:\"proftpd~1.3.4b~5.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 1.2, "vector": "AV:L/AC:H/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:38:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6095"], "description": "It has been discovered that in ProFTPd, an FTP server, an attacker on\nthe same physical host as the server may be able to perform a symlink\nattack allowing to elevate privileges in some configurations.", "modified": "2019-03-18T00:00:00", "published": "2013-01-13T00:00:00", "id": "OPENVAS:1361412562310892606", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892606", "type": "openvas", "title": "Debian Security Advisory DSA 2606-1 (proftpd-dfsg - symlink race)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2606.nasl 14276 2019-03-18 14:43:56Z cfischer $\n# Auto-generated from advisory DSA 2606-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892606\");\n script_version(\"$Revision: 14276 $\");\n script_cve_id(\"CVE-2012-6095\");\n script_name(\"Debian Security Advisory DSA 2606-1 (proftpd-dfsg - symlink race)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:43:56 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-13 00:00:00 +0100 (Sun, 13 Jan 2013)\");\n script_tag(name:\"cvss_base\", value:\"1.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:N/I:P/A:N\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2013/dsa-2606.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_tag(name:\"affected\", value:\"proftpd-dfsg on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (squeeze), this problem has been fixed in\nversion 1.3.3a-6squeeze6.\n\nFor the testing distribution (wheezy), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.3.4a-3.\n\nWe recommend that you upgrade your proftpd-dfsg packages.\");\n script_tag(name:\"summary\", value:\"It has been discovered that in ProFTPd, an FTP server, an attacker on\nthe same physical host as the server may be able to perform a symlink\nattack allowing to elevate privileges in some configurations.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"proftpd-basic\", ver:\"1.3.3a-6squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"proftpd-dev\", ver:\"1.3.3a-6squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"proftpd-doc\", ver:\"1.3.3a-6squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"proftpd-mod-ldap\", ver:\"1.3.3a-6squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"proftpd-mod-mysql\", ver:\"1.3.3a-6squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"proftpd-mod-odbc\", ver:\"1.3.3a-6squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"proftpd-mod-pgsql\", ver:\"1.3.3a-6squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"proftpd-mod-sqlite\", ver:\"1.3.3a-6squeeze6\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 1.2, "vector": "AV:L/AC:H/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:37:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6095"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-01-31T00:00:00", "id": "OPENVAS:1361412562310865263", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865263", "type": "openvas", "title": "Fedora Update for proftpd FEDORA-2013-0437", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for proftpd FEDORA-2013-0437\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097758.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865263\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-31 09:24:39 +0530 (Thu, 31 Jan 2013)\");\n script_cve_id(\"CVE-2012-6095\");\n script_tag(name:\"cvss_base\", value:\"1.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:N/I:P/A:N\");\n script_xref(name:\"FEDORA\", value:\"2013-0437\");\n script_name(\"Fedora Update for proftpd FEDORA-2013-0437\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'proftpd'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n script_tag(name:\"affected\", value:\"proftpd on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"proftpd\", rpm:\"proftpd~1.3.4b~5.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 1.2, "vector": "AV:L/AC:H/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2017-07-25T10:52:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6095"], "description": "Check for the Version of proftpd", "modified": "2017-07-10T00:00:00", "published": "2013-09-24T00:00:00", "id": "OPENVAS:866908", "href": "http://plugins.openvas.org/nasl.php?oid=866908", "type": "openvas", "title": "Fedora Update for proftpd FEDORA-2013-16810", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for proftpd FEDORA-2013-16810\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(866908);\n script_version(\"$Revision: 6628 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-09-24 11:40:57 +0530 (Tue, 24 Sep 2013)\");\n script_cve_id(\"CVE-2012-6095\");\n script_tag(name:\"cvss_base\", value:\"1.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:N/I:P/A:N\");\n script_name(\"Fedora Update for proftpd FEDORA-2013-16810\");\n\n tag_insight = \"ProFTPD is an enhanced FTP server with a focus toward simplicity, security,\nand ease of configuration. It features a very Apache-like configuration\nsyntax, and a highly customizable server infrastructure, including support for\nmultiple 'virtual' FTP servers, anonymous FTP, and permission-based directory\nvisibility.\n\nThis package defaults to the standalone behavior of ProFTPD, but all the\nneeded scripts to have it run by xinetd instead are included.\n\";\n\n tag_affected = \"proftpd on Fedora 18\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-16810\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-September/116622.html\");\n script_summary(\"Check for the Version of proftpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"proftpd\", rpm:\"proftpd~1.3.4d~4.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 1.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-01-22T13:10:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6095", "CVE-2011-4130"], "description": "Check for the Version of proftpd", "modified": "2018-01-22T00:00:00", "published": "2013-01-31T00:00:00", "id": "OPENVAS:865265", "href": "http://plugins.openvas.org/nasl.php?oid=865265", "type": "openvas", "title": "Fedora Update for proftpd FEDORA-2013-0468", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for proftpd FEDORA-2013-0468\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"ProFTPD is an enhanced FTP server with a focus toward simplicity, security,\n and ease of configuration. It features a very Apache-like configuration\n syntax, and a highly customizable server infrastructure, including support for\n multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory\n visibility.\n\n This package defaults to the standalone behavior of ProFTPD, but all the\n needed scripts to have it run by xinetd instead are included.\";\n\n\ntag_affected = \"proftpd on Fedora 16\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097759.html\");\n script_id(865265);\n script_version(\"$Revision: 8483 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 07:58:04 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-31 09:24:48 +0530 (Thu, 31 Jan 2013)\");\n script_cve_id(\"CVE-2012-6095\", \"CVE-2011-4130\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2013-0468\");\n script_name(\"Fedora Update for proftpd FEDORA-2013-0468\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of proftpd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"proftpd\", rpm:\"proftpd~1.3.4b~5.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6095", "CVE-2011-4130"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-01-31T00:00:00", "id": "OPENVAS:1361412562310865265", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865265", "type": "openvas", "title": "Fedora Update for proftpd FEDORA-2013-0468", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for proftpd FEDORA-2013-0468\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097759.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865265\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-31 09:24:48 +0530 (Thu, 31 Jan 2013)\");\n script_cve_id(\"CVE-2012-6095\", \"CVE-2011-4130\");\n script_tag(name:\"cvss_base\", value:\"9.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2013-0468\");\n script_name(\"Fedora Update for proftpd FEDORA-2013-0468\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'proftpd'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"proftpd on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"proftpd\", rpm:\"proftpd~1.3.4b~5.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:46", "bulletinFamily": "software", "cvelist": ["CVE-2012-6095"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2606-1 security@debian.org\r\nhttp://www.debian.org/security/ Thijs Kinkhorst\r\nJanuary 13, 2013 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : proftpd-dfsg\r\nVulnerability : symlink race\r\nProblem type : local\r\nDebian-specific: no\r\nCVE ID : CVE-2012-6095\r\nDebian Bug : 697524\r\n\r\nIt has been discovered that in ProFTPd, an FTP server, an attacker on\r\nthe same physical host as the server may be able to perform a symlink\r\nattack allowing to elevate privileges in some configurations.\r\n\r\nFor the stable distribution (squeeze), this problem has been fixed in\r\nversion 1.3.3a-6squeeze5.\r\n\r\nFor the testing distribution (wheezy), this problem will be fixed soon.\r\n\r\nFor the unstable distribution (sid), this problem has been fixed in\r\nversion 1.3.4a-3.\r\n\r\nWe recommend that you upgrade your proftpd-dfsg packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niQEcBAEBAgAGBQJQ8xpIAAoJEFb2GnlAHawE/usH/i2IjOweYkzsTrO5Nkq1kVra\r\n0ycwOWKJt7LQiwfV55s5ieiDXII3d/ite6lE+nsAIPFwFhcT1dKLpsFqCixCQKUk\r\nZzH3b3HDf0I0VX549wIO6F990blDUFA4SugyLMYnNiOnmyxRo6J9uPUFE0Zx6Dl6\r\nBzulhIeDQsuTbA4QvRLJH9KcBshwXihUQ/Avzw92B4OmJ7tYBDjT/DegU6eI7eRh\r\nLG+gFbGqn0q7HeO+muPxVLCAKUH9sxKjx8zqI9P3biFvlcuCR/HAeYjpgaEUIaXu\r\nTlo5oS/vLG3w+GzhjNReHyfdISmfMWM6H5kpLX31deaz7kFDb2jSPjTiWeVtyvs=\r\n=5TDn\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2013-01-14T00:00:00", "published": "2013-01-14T00:00:00", "id": "SECURITYVULNS:DOC:28961", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28961", "title": "[SECURITY] [DSA 2606-1] proftpd-dfsg security update", "type": "securityvulns", "cvss": {"score": 1.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:09:50", "bulletinFamily": "software", "cvelist": ["CVE-2012-6095"], "description": "No description provided", "edition": 1, "modified": "2013-01-14T00:00:00", "published": "2013-01-14T00:00:00", "id": "SECURITYVULNS:VULN:12833", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12833", "title": "ProFTPd symbolic links vulnerability", "type": "securityvulns", "cvss": {"score": 1.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "debian": [{"lastseen": "2020-11-11T13:21:50", "bulletinFamily": "unix", "cvelist": ["CVE-2012-6095"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2606-1 security@debian.org\nhttp://www.debian.org/security/ Thijs Kinkhorst\nJanuary 13, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : proftpd-dfsg\nVulnerability : symlink race\nProblem type : local\nDebian-specific: no\nCVE ID : CVE-2012-6095\nDebian Bug : 697524\n\nIt has been discovered that in ProFTPd, an FTP server, an attacker on\nthe same physical host as the server may be able to perform a symlink\nattack allowing to elevate privileges in some configurations.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1.3.3a-6squeeze5.\n\nFor the testing distribution (wheezy), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.3.4a-3.\n\nWe recommend that you upgrade your proftpd-dfsg packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2013-01-13T20:36:00", "published": "2013-01-13T20:36:00", "id": "DEBIAN:DSA-2606-1:8B37F", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2013/msg00008.html", "title": "[SECURITY] [DSA 2606-1] proftpd-dfsg security update", "type": "debian", "cvss": {"score": 1.2, "vector": "AV:L/AC:H/Au:N/C:N/I:P/A:N"}}], "fedora": [{"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-6095"], "description": "ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based directo ry visibility. This package defaults to the standalone behavior of ProFTPD, but all the needed scripts to have it run by xinetd instead are included. ", "modified": "2013-01-30T00:59:00", "published": "2013-01-30T00:59:00", "id": "FEDORA:7168621B73", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 17 Update: proftpd-1.3.4b-5.fc17", "cvss": {"score": 1.2, "vector": "AV:L/AC:H/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-6095"], "description": "ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based directo ry visibility. This package defaults to the standalone behavior of ProFTPD, but all the needed scripts to have it run by xinetd instead are included. ", "modified": "2013-01-30T00:31:19", "published": "2013-01-30T00:31:19", "id": "FEDORA:E535E215FB", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: proftpd-1.3.4b-5.fc18", "cvss": {"score": 1.2, "vector": "AV:L/AC:H/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4130", "CVE-2012-6095"], "description": "ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based directo ry visibility. This package defaults to the standalone behavior of ProFTPD, but all the needed scripts to have it run by xinetd instead are included. ", "modified": "2013-01-30T00:31:45", "published": "2013-01-30T00:31:45", "id": "FEDORA:76E8B2161B", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: proftpd-1.3.4b-5.fc16", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-07T11:54:04", "description": "A vulnerability has been found and corrected in proftpd :\n\nProFTPD before 1.3.5rc1, when using the UserOwner directive, allows\nlocal users to modify the ownership of arbitrary files via a race\ncondition and a symlink attack on the (1) MKD or (2) XMKD commands\n(CVE-2012-6095).\n\nThe updated packages have been patched to correct thies issue.", "edition": 24, "published": "2013-04-20T00:00:00", "title": "Mandriva Linux Security Advisory : proftpd (MDVSA-2013:053)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6095"], "modified": "2013-04-20T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:proftpd-mod_quotatab_sql", "p-cpe:/a:mandriva:linux:proftpd-mod_load", "p-cpe:/a:mandriva:linux:proftpd-mod_ctrls_admin", "cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:proftpd-mod_site_misc", "p-cpe:/a:mandriva:linux:proftpd-mod_shaper", "p-cpe:/a:mandriva:linux:proftpd-mod_ifsession", "p-cpe:/a:mandriva:linux:proftpd-mod_autohost", "p-cpe:/a:mandriva:linux:proftpd-mod_sftp", "p-cpe:/a:mandriva:linux:proftpd-mod_ratio", "p-cpe:/a:mandriva:linux:proftpd-mod_tls", "p-cpe:/a:mandriva:linux:proftpd-mod_quotatab", "p-cpe:/a:mandriva:linux:proftpd-mod_case", "p-cpe:/a:mandriva:linux:proftpd-mod_vroot", "p-cpe:/a:mandriva:linux:proftpd-mod_wrap_sql", "p-cpe:/a:mandriva:linux:proftpd-mod_ban", "p-cpe:/a:mandriva:linux:proftpd", "p-cpe:/a:mandriva:linux:proftpd-mod_wrap_file", "p-cpe:/a:mandriva:linux:proftpd-mod_ldap", "p-cpe:/a:mandriva:linux:proftpd-devel", "p-cpe:/a:mandriva:linux:proftpd-mod_quotatab_radius", "p-cpe:/a:mandriva:linux:proftpd-mod_wrap", "p-cpe:/a:mandriva:linux:proftpd-mod_sql_postgres", "p-cpe:/a:mandriva:linux:proftpd-mod_quotatab_ldap", "p-cpe:/a:mandriva:linux:proftpd-mod_rewrite", "p-cpe:/a:mandriva:linux:proftpd-mod_sql", "p-cpe:/a:mandriva:linux:proftpd-mod_gss", "p-cpe:/a:mandriva:linux:proftpd-mod_sql_mysql", "p-cpe:/a:mandriva:linux:proftpd-mod_sql_passwd", "p-cpe:/a:mandriva:linux:proftpd-mod_radius", "p-cpe:/a:mandriva:linux:proftpd-mod_quotatab_file", "p-cpe:/a:mandriva:linux:proftpd-mod_time"], "id": "MANDRIVA_MDVSA-2013-053.NASL", "href": "https://www.tenable.com/plugins/nessus/66067", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:053. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66067);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-6095\");\n script_bugtraq_id(57172);\n script_xref(name:\"MDVSA\", value:\"2013:053\");\n\n script_name(english:\"Mandriva Linux Security Advisory : proftpd (MDVSA-2013:053)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been found and corrected in proftpd :\n\nProFTPD before 1.3.5rc1, when using the UserOwner directive, allows\nlocal users to modify the ownership of arbitrary files via a race\ncondition and a symlink attack on the (1) MKD or (2) XMKD commands\n(CVE-2012-6095).\n\nThe updated packages have been patched to correct thies issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_autohost\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_ban\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_case\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_ctrls_admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_gss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_ifsession\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_load\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_quotatab\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_quotatab_file\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_quotatab_ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_quotatab_radius\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_quotatab_sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_radius\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_ratio\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_rewrite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_sftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_shaper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_site_misc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_sql_mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_sql_passwd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_sql_postgres\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_time\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_tls\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_vroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_wrap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_wrap_file\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:proftpd-mod_wrap_sql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-devel-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_autohost-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_ban-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_case-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_ctrls_admin-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_gss-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_ifsession-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_ldap-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_load-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_quotatab-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_quotatab_file-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_quotatab_ldap-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_quotatab_radius-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_quotatab_sql-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_radius-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_ratio-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_rewrite-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_sftp-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_shaper-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_site_misc-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_sql-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_sql_mysql-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_sql_passwd-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_sql_postgres-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_time-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_tls-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_vroot-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_wrap-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_wrap_file-1.3.3g-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"proftpd-mod_wrap_sql-1.3.3g-2.1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 1.2, "vector": "AV:L/AC:H/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-12T10:10:48", "description": "Jann Horn reported that there is a possible race condition in the\nhandling of the MKD/XMKD FTP commands, when the UserOwner directive is\ninvolved, and the attacker is on the same physical machine as a\nrunning proftpd. This race applies to mod_sftp and the handling of the\nMKDIR SFTP request as well.\n\nNote that using the DefaultRoot directive to restrict sessions\nmitigates this attack, since the symlinks created by the local\nattacker will point outside of the chroot(2) area within the FTP\nsession, and thus the ownership change will fail. The default\nconfiguration in Fedora applies the DefaultRoot directive to all users\nexcept 'adm'.\n\nThe upstream reference for this issue is:\nhttp://bugs.proftpd.org/show_bug.cgi?id=3841\n\nThis update includes upstream's backport to proftpd 1.3.4 of the fix\nfor this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2013-01-31T00:00:00", "title": "Fedora 17 : proftpd-1.3.4b-5.fc17 (2013-0483)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6095"], "modified": "2013-01-31T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:proftpd", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2013-0483.NASL", "href": "https://www.tenable.com/plugins/nessus/64367", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-0483.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64367);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-6095\");\n script_xref(name:\"FEDORA\", value:\"2013-0483\");\n\n script_name(english:\"Fedora 17 : proftpd-1.3.4b-5.fc17 (2013-0483)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jann Horn reported that there is a possible race condition in the\nhandling of the MKD/XMKD FTP commands, when the UserOwner directive is\ninvolved, and the attacker is on the same physical machine as a\nrunning proftpd. This race applies to mod_sftp and the handling of the\nMKDIR SFTP request as well.\n\nNote that using the DefaultRoot directive to restrict sessions\nmitigates this attack, since the symlinks created by the local\nattacker will point outside of the chroot(2) area within the FTP\nsession, and thus the ownership change will fail. The default\nconfiguration in Fedora applies the DefaultRoot directive to all users\nexcept 'adm'.\n\nThe upstream reference for this issue is:\nhttp://bugs.proftpd.org/show_bug.cgi?id=3841\n\nThis update includes upstream's backport to proftpd 1.3.4 of the fix\nfor this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.proftpd.org/show_bug.cgi?id=3841\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=892715\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-January/097832.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8a337931\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected proftpd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:proftpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"proftpd-1.3.4b-5.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"proftpd\");\n}\n", "cvss": {"score": 1.2, "vector": "AV:L/AC:H/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-12T10:10:48", "description": "Jann Horn reported that there is a possible race condition in the\nhandling of the MKD/XMKD FTP commands, when the UserOwner directive is\ninvolved, and the attacker is on the same physical machine as a\nrunning proftpd. This race applies to mod_sftp and the handling of the\nMKDIR SFTP request as well.\n\nNote that using the DefaultRoot directive to restrict sessions\nmitigates this attack, since the symlinks created by the local\nattacker will point outside of the chroot(2) area within the FTP\nsession, and thus the ownership change will fail. The default\nconfiguration in Fedora applies the DefaultRoot directive to all users\nexcept 'adm'.\n\nThe upstream reference for this issue is:\nhttp://bugs.proftpd.org/show_bug.cgi?id=3841\n\nThis update includes upstream's backport to proftpd 1.3.4 of the fix\nfor this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2013-01-31T00:00:00", "title": "Fedora 16 : proftpd-1.3.4b-5.fc16 (2013-0468)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6095"], "modified": "2013-01-31T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:proftpd", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2013-0468.NASL", "href": "https://www.tenable.com/plugins/nessus/64366", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-0468.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64366);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-6095\");\n script_xref(name:\"FEDORA\", value:\"2013-0468\");\n\n script_name(english:\"Fedora 16 : proftpd-1.3.4b-5.fc16 (2013-0468)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jann Horn reported that there is a possible race condition in the\nhandling of the MKD/XMKD FTP commands, when the UserOwner directive is\ninvolved, and the attacker is on the same physical machine as a\nrunning proftpd. This race applies to mod_sftp and the handling of the\nMKDIR SFTP request as well.\n\nNote that using the DefaultRoot directive to restrict sessions\nmitigates this attack, since the symlinks created by the local\nattacker will point outside of the chroot(2) area within the FTP\nsession, and thus the ownership change will fail. The default\nconfiguration in Fedora applies the DefaultRoot directive to all users\nexcept 'adm'.\n\nThe upstream reference for this issue is:\nhttp://bugs.proftpd.org/show_bug.cgi?id=3841\n\nThis update includes upstream's backport to proftpd 1.3.4 of the fix\nfor this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.proftpd.org/show_bug.cgi?id=3841\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=892715\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-January/097759.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c4bd3aec\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected proftpd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:proftpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"proftpd-1.3.4b-5.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"proftpd\");\n}\n", "cvss": {"score": 1.2, "vector": "AV:L/AC:H/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-12T10:10:47", "description": "Jann Horn reported that there is a possible race condition in the\nhandling of the MKD/XMKD FTP commands, when the UserOwner directive is\ninvolved, and the attacker is on the same physical machine as a\nrunning proftpd. This race applies to mod_sftp and the handling of the\nMKDIR SFTP request as well.\n\nNote that using the DefaultRoot directive to restrict sessions\nmitigates this attack, since the symlinks created by the local\nattacker will point outside of the chroot(2) area within the FTP\nsession, and thus the ownership change will fail. The default\nconfiguration in Fedora applies the DefaultRoot directive to all users\nexcept 'adm'.\n\nThe upstream reference for this issue is:\nhttp://bugs.proftpd.org/show_bug.cgi?id=3841\n\nThis update includes upstream's backport to proftpd 1.3.4 of the fix\nfor this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2013-01-31T00:00:00", "title": "Fedora 18 : proftpd-1.3.4b-5.fc18 (2013-0437)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6095"], "modified": "2013-01-31T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:18", "p-cpe:/a:fedoraproject:fedora:proftpd"], "id": "FEDORA_2013-0437.NASL", "href": "https://www.tenable.com/plugins/nessus/64365", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-0437.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64365);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-6095\");\n script_xref(name:\"FEDORA\", value:\"2013-0437\");\n\n script_name(english:\"Fedora 18 : proftpd-1.3.4b-5.fc18 (2013-0437)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jann Horn reported that there is a possible race condition in the\nhandling of the MKD/XMKD FTP commands, when the UserOwner directive is\ninvolved, and the attacker is on the same physical machine as a\nrunning proftpd. This race applies to mod_sftp and the handling of the\nMKDIR SFTP request as well.\n\nNote that using the DefaultRoot directive to restrict sessions\nmitigates this attack, since the symlinks created by the local\nattacker will point outside of the chroot(2) area within the FTP\nsession, and thus the ownership change will fail. The default\nconfiguration in Fedora applies the DefaultRoot directive to all users\nexcept 'adm'.\n\nThe upstream reference for this issue is:\nhttp://bugs.proftpd.org/show_bug.cgi?id=3841\n\nThis update includes upstream's backport to proftpd 1.3.4 of the fix\nfor this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.proftpd.org/show_bug.cgi?id=3841\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=892715\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-January/097758.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3a7bfe84\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected proftpd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:proftpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"proftpd-1.3.4b-5.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"proftpd\");\n}\n", "cvss": {"score": 1.2, "vector": "AV:L/AC:H/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-09-14T17:37:25", "description": "The remote host is using ProFTPD, a free FTP server for Unix and Linux. \nAccording to its banner, the version of ProFTPD installed on the remote\nhost earlier than 1.3.4c. As such, it is potentially affected by a race\ncondition error that does not securely create temporary files related to\nsymlinks and newly created directories. A local, attacker could\nleverage this issue to overwrite arbitrary files and elevate privileges. \n\nNote that Nessus did not actually test for the flaw but has instead\nrelied on the version in ProFTPD's banner.", "edition": 16, "published": "2013-06-24T00:00:00", "title": "ProFTPD FTP Command Handling Symlink Arbitrary File Overwrite", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6095"], "modified": "2013-06-24T00:00:00", "cpe": ["cpe:/a:proftpd:proftpd"], "id": "PROFTPD_MKD_XMKD_FILE_OVERWRITE.NASL", "href": "https://www.tenable.com/plugins/nessus/66970", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66970);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/27\");\n\n script_cve_id(\"CVE-2012-6095\");\n script_bugtraq_id(57172);\n\n script_name(english:\"ProFTPD FTP Command Handling Symlink Arbitrary File Overwrite\");\n script_summary(english:\"Checks version in the service banner\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FTP server is affected by an arbitrary file overwrite\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is using ProFTPD, a free FTP server for Unix and Linux. \nAccording to its banner, the version of ProFTPD installed on the remote\nhost earlier than 1.3.4c. As such, it is potentially affected by a race\ncondition error that does not securely create temporary files related to\nsymlinks and newly created directories. A local, attacker could\nleverage this issue to overwrite arbitrary files and elevate privileges. \n\nNote that Nessus did not actually test for the flaw but has instead\nrelied on the version in ProFTPD's banner.\");\n # https://web.archive.org/web/20160402191530/http://proftpd.org/docs/RELEASE_NOTES-1.3.4c\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5fd455fb\");\n script_set_attribute(attribute:\"see_also\", value:\"http://proftpd.org/docs/RELEASE_NOTES-1.3.5rc1\");\n script_set_attribute(attribute:\"see_also\", value:\"http://bugs.proftpd.org/show_bug.cgi?id=3841\");\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to 1.3.4c / 1.3.5rc1 or apply the patch from the vendor.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-6095\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/06/24\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:proftpd:proftpd\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FTP\");\n script_copyright(english:\"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ftpserver_detect_type_nd_version.nasl\");\n script_require_keys(\"ftp/proftpd\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/ftp\", 21);\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ftp_func.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nport = get_ftp_port(default: 21, broken:TRUE);\n\nbanner = get_ftp_banner(port:port);\nif (!banner) audit(AUDIT_NO_BANNER, port);\nif (\"ProFTPD\" >!< banner) audit(AUDIT_NOT_LISTEN, \"ProFTPD\", port);\n\nmatches = pregmatch(string:banner, pattern:\"ProFTPD ([0-9a-z.]+) \");\nif (!isnull(matches)) version = matches[1];\nelse audit(AUDIT_SERVICE_VER_FAIL, \"ProFTPD\", port);\n\n# nb: banner checks of open source software are prone to false-positives\n# so we only run the check if reporting is paranoid.\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nif (version =~ '^1(\\\\.3)?$') exit(1, \"The banner from ProFTPD listening on port \"+port+\" - \"+banner+\" - is not granular enough.\");\n\n# Affected\n# 0.x - 1.3.3x\n# 1.3.4x < 1.3.4c (to include rc1 - rc3 and ^1.3.4$\n# While the issue is patched in 1.3.5rc1, there is no\n# 1.3.5x version before that, therefore nothing to check\nif (\n version =~ \"^0\\.\" ||\n version =~ \"^1\\.[0-2]($|\\.)\" ||\n version =~ \"^1\\.3\\.[0-3]($|[^0-9])\" ||\n version =~ \"^1\\.3\\.4($|[ab]$|rc[1-3]$)\"\n)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : ' + chomp(banner) +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 1.3.4c / 1.3.5rc1\\n';\n security_note(port:port, extra:report);\n }\n else security_note(port);\n exit(0);\n}\naudit(AUDIT_LISTEN_NOT_VULN, \"ProFTPD\", port, version);\n", "cvss": {"score": 1.2, "vector": "AV:L/AC:H/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-12T09:47:46", "description": "It has been discovered that in ProFTPd, an FTP server, an attacker on\nthe same physical host as the server may be able to perform a symlink\nattack allowing to elevate privileges in some configurations.", "edition": 16, "published": "2013-01-14T00:00:00", "title": "Debian DSA-2606-1 : proftpd-dfsg - symlink race", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6095"], "modified": "2013-01-14T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:proftpd-dfsg"], "id": "DEBIAN_DSA-2606.NASL", "href": "https://www.tenable.com/plugins/nessus/63512", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2606. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63512);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-6095\");\n script_bugtraq_id(57172);\n script_xref(name:\"DSA\", value:\"2606\");\n\n script_name(english:\"Debian DSA-2606-1 : proftpd-dfsg - symlink race\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It has been discovered that in ProFTPd, an FTP server, an attacker on\nthe same physical host as the server may be able to perform a symlink\nattack allowing to elevate privileges in some configurations.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697524\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/proftpd-dfsg\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2606\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the proftpd-dfsg packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1.3.3a-6squeeze6.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:proftpd-dfsg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"proftpd-basic\", reference:\"1.3.3a-6squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"proftpd-dev\", reference:\"1.3.3a-6squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"proftpd-doc\", reference:\"1.3.3a-6squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"proftpd-mod-ldap\", reference:\"1.3.3a-6squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"proftpd-mod-mysql\", reference:\"1.3.3a-6squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"proftpd-mod-odbc\", reference:\"1.3.3a-6squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"proftpd-mod-pgsql\", reference:\"1.3.3a-6squeeze6\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"proftpd-mod-sqlite\", reference:\"1.3.3a-6squeeze6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:deb_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 1.2, "vector": "AV:L/AC:H/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-17T14:01:09", "description": "The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - ProFTPD before 1.3.5rc1, when using the UserOwner\n directive, allows local users to modify the ownership of\n arbitrary files via a race condition and a symlink\n attack on the (1) MKD or (2) XMKD commands.\n (CVE-2012-6095)", "edition": 24, "published": "2015-01-19T00:00:00", "title": "Oracle Solaris Third-Party Patch Update : proftpd (cve_2012_6095_race_conditions)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6095"], "modified": "2015-01-19T00:00:00", "cpe": ["cpe:/o:oracle:solaris:11.1", "p-cpe:/a:oracle:solaris:proftpd"], "id": "SOLARIS11_PROFTPD_20130924.NASL", "href": "https://www.tenable.com/plugins/nessus/80743", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle Third Party software advisories.\n#\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80743);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-6095\");\n\n script_name(english:\"Oracle Solaris Third-Party Patch Update : proftpd (cve_2012_6095_race_conditions)\");\n script_summary(english:\"Check for the 'entire' version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Solaris system is missing a security patch for third-party\nsoftware.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote Solaris system is missing necessary patches to address\nsecurity updates :\n\n - ProFTPD before 1.3.5rc1, when using the UserOwner\n directive, allows local users to modify the ownership of\n arbitrary files via a race condition and a symlink\n attack on the (1) MKD or (2) XMKD commands.\n (CVE-2012-6095)\"\n );\n # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4a913f44\"\n );\n # https://blogs.oracle.com/sunsecurity/cve-2012-6095-race-conditions-vulnerability-in-proftpd\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8b085110\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade to Solaris 11.1.11.4.0.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:11.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:proftpd\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\", \"Host/Solaris11/pkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\npkg_list = solaris_pkg_list_leaves();\nif (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, \"Solaris pkg-list packages\");\n\nif (empty_or_null(egrep(string:pkg_list, pattern:\"^proftpd$\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"proftpd\");\n\nflag = 0;\n\nif (solaris_check_release(release:\"0.5.11-0.175.1.11.0.4.0\", sru:\"SRU 11.1.11.4.0\") > 0) flag++;\n\nif (flag)\n{\n error_extra = 'Affected package : proftpd\\n' + solaris_get_report2();\n error_extra = ereg_replace(pattern:\"version\", replace:\"OS version\", string:error_extra);\n if (report_verbosity > 0) security_note(port:0, extra:error_extra);\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_PACKAGE_NOT_AFFECTED, \"proftpd\");\n", "cvss": {"score": 1.2, "vector": "AV:L/AC:H/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-07T10:54:48", "description": "The remote host is affected by the vulnerability described in GLSA-201309-15\n(ProFTPD: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in ProFTPD. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A context-dependent attacker could possibly execute arbitrary code with\n the privileges of the process, perform man-in-the-middle attacks to spoof\n arbitrary SSL servers, cause a Denial of Service condition, or read and\n modify arbitrary files.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 21, "published": "2013-09-25T00:00:00", "title": "GLSA-201309-15 : ProFTPD: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4359", "CVE-2012-6095", "CVE-2009-3555", "CVE-2010-4652", "CVE-2011-1137", "CVE-2011-4130", "CVE-2010-4221", "CVE-2010-3867"], "modified": "2013-09-25T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:proftpd"], "id": "GENTOO_GLSA-201309-15.NASL", "href": "https://www.tenable.com/plugins/nessus/70111", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201309-15.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(70111);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-3555\", \"CVE-2010-3867\", \"CVE-2010-4221\", \"CVE-2010-4652\", \"CVE-2011-1137\", \"CVE-2011-4130\", \"CVE-2012-6095\", \"CVE-2013-4359\");\n script_bugtraq_id(36935, 44562, 44933, 46183, 50631, 57172, 62328);\n script_xref(name:\"GLSA\", value:\"201309-15\");\n\n script_name(english:\"GLSA-201309-15 : ProFTPD: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201309-15\n(ProFTPD: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in ProFTPD. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A context-dependent attacker could possibly execute arbitrary code with\n the privileges of the process, perform man-in-the-middle attacks to spoof\n arbitrary SSL servers, cause a Denial of Service condition, or read and\n modify arbitrary files.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201309-15\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All ProFTPD users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-ftp/proftpd-1.3.4d'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'ProFTPD 1.3.2rc3 - 1.3.3b Telnet IAC Buffer Overflow (Linux)');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:proftpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-ftp/proftpd\", unaffected:make_list(\"ge 1.3.4d\"), vulnerable:make_list(\"lt 1.3.4d\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ProFTPD\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:46", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4359", "CVE-2012-6095", "CVE-2009-3555", "CVE-2010-4652", "CVE-2011-1137", "CVE-2011-4130", "CVE-2010-4221", "CVE-2010-3867"], "edition": 1, "description": "### Background\n\nProFTPD is an advanced and very configurable FTP server.\n\n### Description\n\nMultiple vulnerabilities have been discovered in ProFTPD. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA context-dependent attacker could possibly execute arbitrary code with the privileges of the process, perform man-in-the-middle attacks to spoof arbitrary SSL servers, cause a Denial of Service condition, or read and modify arbitrary files. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll ProFTPD users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-ftp/proftpd-1.3.4d\"", "modified": "2013-09-24T00:00:00", "published": "2013-09-24T00:00:00", "id": "GLSA-201309-15", "href": "https://security.gentoo.org/glsa/201309-15", "type": "gentoo", "title": "ProFTPD: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
