
ProFTPD mod_copy command execution

Published: 2015-05-29 00:00:00
SAINT Corporation
download.saintcorporation.com
2919

CVSS2: 10.0 High
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS: 0.972 High (percentile 99.8%)

Added: 05/29/2015
CVE: CVE-2015-3306
BID: 74238
OSVDB: 120834

Background

ProFTPD is free FTP server software for Unix and Linux platforms.

Problem

The mod_copy module, if enabled in ProFTPD 1.3.5, accepts the **SITE CPFR** (copy from) and **SITE CPTO** (copy to) commands before the client has logged in. An unauthenticated attacker can therefore copy files on the server, reading and writing arbitrary files subject to the privileges of the ProFTPD process. If the same host also runs a web server supporting PHP, the attacker can copy attacker-influenced content into the web document root as a .php file, which turns the file copy into arbitrary command execution.
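The following is an added example, not SAINT's checker and not code from the ProFTPD project. It demonstrates the pre-authentication check a practitioner would run against the behaviour described above: connect, read the banner, send SITE CPFR before any USER/PASS, and classify the reply by its three-digit code. Only CPFR is sent (it just records a source path), never CPTO, so nothing is written on the target. The reply strings in the test data are constructed from memory of ProFTPD's mod_copy "350" message, its "530" login-required message and mod_site's "500 ... not understood" message; treat their exact wording as an assumption, the classification keys only on the code.

```python
"""Pre-auth SITE CPFR probe for ProFTPD mod_copy (CVE-2015-3306).

Added example for this advisory; not SAINT's or ProFTPD's code.
Assumptions: the target speaks RFC 959 FTP, and /etc/passwd exists
so that a vulnerable mod_copy has something to stat (CPFR only
records the source path; no copy happens without CPTO).
"""
import re
import socket
import sys


def read_reply(f) -> str:
    """Read one FTP reply from a binary file object.

    Handles both single-line replies ("220 banner") and RFC 959
    multi-line replies ("220-first ... 220 last").
    """
    lines = []
    code = None
    while True:
        raw = f.readline()
        if not raw:
            raise ConnectionError("connection closed mid-reply")
        line = raw.decode("latin-1").rstrip("\r\n")
        lines.append(line)
        if code is None:
            if len(line) >= 4 and line[:3].isdigit() and line[3] == "-":
                code = line[:3]      # start of a multi-line reply
                continue
            break                    # single-line reply
        if line.startswith(code + " "):
            break                    # terminating line of multi-line reply
    return "\n".join(lines)


def classify_cpfr_reply(reply: str) -> str:
    """Map the reply to an unauthenticated SITE CPFR onto a verdict.

    350  -> the copy-from path was accepted before login: vulnerable
    530  -> server demanded login first: patched behaviour
    500/502 -> SITE CPFR not understood: mod_copy not loaded
    anything else -> unknown (for example 550 if the probe path is missing)
    """
    m = re.match(r"(\d{3})[ -]", reply)
    if not m:
        return "unknown"
    code = int(m.group(1))
    if code == 350:
        return "vulnerable"
    if code == 530:
        return "not-vulnerable"
    if code in (500, 502):
        return "module-absent"
    return "unknown"


def probe(host: str, port: int = 21, timeout: float = 5.0,
          path: str = "/etc/passwd") -> tuple:
    """Connect, send SITE CPFR before authenticating, return (verdict, reply)."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        f = sock.makefile("rb")
        read_reply(f)                                  # discard the banner
        sock.sendall(f"SITE CPFR {path}\r\n".encode("ascii"))
        reply = read_reply(f)
        sock.sendall(b"QUIT\r\n")
        return classify_cpfr_reply(reply), reply


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    verdict, text = probe(target)
    print(f"{target}: {verdict} ({text.splitlines()[0]})")
```

A 550 reply is reported as "unknown" rather than "not-vulnerable" on purpose: mod_copy also answers 550 when the source path does not exist, so a missing probe file must not be mistaken for a patched server.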

Resolution

Upgrade to ProFTPD 1.3.5a or 1.3.6rc1 or later, or install a package update from your Linux vendor. Until the upgrade is applied, disabling the mod_copy module removes the exposed SITE CPFR and SITE CPTO commands.

References

<http://bugs.proftpd.org/show_bug.cgi?id=4169>

Limitations

The exploit works against ProFTPD 1.3.5 and requires the mod_copy module to be enabled.

The target must also run a web server supporting PHP for the exploit to succeed, since command execution depends on a copied file being served and executed as PHP.

Platforms

Linux
