GSSFTP Daemon Input Validation Vulnerability
BID:1374
Info
GSSFTP Daemon Input Validation Vulnerability
| Bugtraq ID: | 1374 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 14 2000 12:00AM |
| Updated: | Jun 14 2000 12:00AM |
| Credit: | This vulnerability was posted to the Bugtraq mailing list on June 14, 2000 by Tom Yu <[email protected]> |
| Vulnerable: |
MIT Kerberos 5 5.0 -1.2beta2 MIT Kerberos 5 5.0 -1.2beta1 MIT Kerberos 5 5.0 -1.1.1 MIT Kerberos 5 5.0 -1.1 |
| Not Vulnerable: |
MIT Kerberos 5 5.0 -1.0.x |
Discussion
GSSFTP Daemon Input Validation Vulnerability
A denial of service, and a potential remote root compromise, exist in the gssftp daemon, as provided as part of the MIT Kerberos 5 1.1, 1.1.1 and 1.2-beta1 and beta2 distributions. Due to a command parsing flaw, remote users may be able to execute certain ftp commands they are not authorized to performed. This may allow a remote user to cause a denial of service against the ftpd, and may be used by an attacker with a local account to gain root access.
This vulnerability is not present in Kerberos 5 1.0.x distributions.
A denial of service, and a potential remote root compromise, exist in the gssftp daemon, as provided as part of the MIT Kerberos 5 1.1, 1.1.1 and 1.2-beta1 and beta2 distributions. Due to a command parsing flaw, remote users may be able to execute certain ftp commands they are not authorized to performed. This may allow a remote user to cause a denial of service against the ftpd, and may be used by an attacker with a local account to gain root access.
This vulnerability is not present in Kerberos 5 1.0.x distributions.
Exploit / POC
GSSFTP Daemon Input Validation Vulnerability
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
GSSFTP Daemon Input Validation Vulnerability
Solution:
A patch is available below.
MIT Kerberos 5 5.0 -1.1
MIT Kerberos 5 5.0 -1.2beta1
MIT Kerberos 5 5.0 -1.2beta2
MIT Kerberos 5 5.0 -1.1.1
Solution:
A patch is available below.
MIT Kerberos 5 5.0 -1.1
-
MIT ftpd_111_patch
http://web.mit.edu/kerberos/www/advisories/ftpd_111_patch.txt
MIT Kerberos 5 5.0 -1.2beta1
-
MIT ftpd_111_patch
http://web.mit.edu/kerberos/www/advisories/ftpd_111_patch.txt
MIT Kerberos 5 5.0 -1.2beta2
-
MIT ftpd_111_patch
http://web.mit.edu/kerberos/www/advisories/ftpd_111_patch.txt
MIT Kerberos 5 5.0 -1.1.1
-
MIT ftpd_111_patch
http://web.mit.edu/kerberos/www/advisories/ftpd_111_patch.txt