ProFTPD Controls Module Local Buffer Overflow Vulnerability
BID:21587
Info
| Bugtraq ID: | 21587 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2006-6563 |
| Remote: | No |
| Local: | Yes |
| Published: | Dec 13 2006 12:00AM |
| Updated: | Oct 13 2009 05:19PM |
| Credit: | Alfredo Ortega from Core Security Technologies is credited with discovering this issue. |
| Vulnerable: | see list below |
| Not Vulnerable: | |

Vulnerable:
- Ubuntu Ubuntu Linux 6.10 (sparc, powerpc, i386)
- Ubuntu Ubuntu Linux 6.06 LTS (sparc, powerpc, i386, amd64)
- Trustix Secure Linux 3.0
- Trustix Secure Linux 2.2
- Trustix Operating System Enterprise Server 2.0
- ProFTPD Project ProFTPD 1.3 a
- ProFTPD Project ProFTPD 1.3
- OpenPKG OpenPKG E1.0-Solid
- Mandriva Linux Mandrake 2007.0 x86_64
- Mandriva Linux Mandrake 2007.0
Discussion
ProFTPD is prone to a local stack-based buffer-overflow vulnerability.
Attackers may exploit this issue to corrupt memory and execute arbitrary code in the context of the server application, resulting in a complete compromise of affected computers.
NOTE: ProFTPD is vulnerable only when compiled with 'mod_ctrls' support and the module is enabled.
Exploit / POC
UPDATE: Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.
The following proofs of concept and exploits are available:
Solution / Fix
Solution:
Please see the referenced advisories for more information.
Mandriva Linux Mandrake 2007.0 x86_64
All of the following packages are for Mandriva Linux 2007.0/X86_64 and are available from http://www.mandriva.com/en/download
- Mandriva proftpd-1.3.0-4.4mdv2007.0.src.rpm
- Mandriva proftpd-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-anonymous-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_autohost-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_case-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_clamav-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_ctrls_admin-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_facl-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_gss-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_ifsession-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_ldap-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_load-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_quotatab-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_quotatab_file-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_quotatab_ldap-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_quotatab_sql-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_radius-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_ratio-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_rewrite-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_shaper-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_site_misc-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_sql-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_sql_mysql-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_sql_postgres-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_time-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_tls-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_wrap-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_wrap_file-1.3.0-4.4mdv2007.0.x86_64.rpm
- Mandriva proftpd-mod_wrap_sql-1.3.0-4.4mdv2007.0.x86_64.rpm
Mandriva Linux Mandrake 2007.0
All of the following packages are for Mandriva Linux 2007.0 and are available from http://www.mandriva.com/en/download
- Mandriva proftpd-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-1.3.0-4.4mdv2007.0.src.rpm
- Mandriva proftpd-anonymous-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_autohost-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_case-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_clamav-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_ctrls_admin-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_facl-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_gss-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_ifsession-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_ldap-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_load-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_quotatab-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_quotatab_file-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_quotatab_ldap-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_quotatab_sql-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_radius-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_ratio-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_rewrite-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_shaper-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_site_misc-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_sql-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_sql_mysql-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_sql_postgres-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_time-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_tls-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_wrap-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_wrap_file-1.3.0-4.4mdv2007.0.i586.rpm
- Mandriva proftpd-mod_wrap_sql-1.3.0-4.4mdv2007.0.i586.rpm
ProFTPD Project ProFTPD 1.3
- ProFTPD Project proftpd-1.3.0a.tar.bz2: ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.0a.tar.bz2
Trustix Secure Linux 2.2
- Trustix proftpd-1.2.10-13tr.i586.rpm (TSL 2.2): ftp://ftp.trustix.org/pub/trustix/updates
Trustix Secure Linux 3.0
- Trustix proftpd-1.3.0a-2tr.i586.rpm (TSL 3.0): ftp://ftp.trustix.org/pub/trustix/updates
References
References:
- ProFTPD Home Page (ProFTPD)
- Core Security Technologies - Corelabs Advisory CORE-2006-1127 (Core Security Technologies)