Telnet IAC processing stack overflow

Bug #674646 reported by Neil Wilson
This bug report is a duplicate of: Bug #674798: Backport proftpd security fixes.
This bug affects 1 person
Affects: proftpd-dfsg (Ubuntu)
Status: Fix Released
Importance: Undecided
Assigned to: Unassigned
Milestone:

Bug Description

Vulnerability in versions of proftpd between proftpd-1.3.2rc3 and proftpd-1.3.3

http://bugs.proftpd.org/show_bug.cgi?id=3521

Patches available in Debian.

http://packages.debian.org/changelogs/pool/main/p/proftpd-dfsg/proftpd-dfsg_1.3.3a-5/changelog

ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package: proftpd-basic (not installed)
ProcVersionSignature: Ubuntu 2.6.32-25.45-generic 2.6.32.21+drm33.7
Uname: Linux 2.6.32-25-generic x86_64
Architecture: amd64
Date: Fri Nov 12 19:07:51 2010
InstallationMedia: Ubuntu 9.10 "Karmic Koala" - Release amd64 (20091027)
ProcEnviron:
 PATH=(custom, user)
 LANG=en_GB.utf8
 SHELL=/bin/bash
SourcePackage: proftpd-dfsg

Neil Wilson (neil-aldur)
Changed in proftpd-dfsg (Ubuntu):
status: New → In Progress
Neil Wilson (neil-aldur)
summary: - CVE-2010-3867 - Telnet IAC processing stack overflow
+ Telnet IAC processing stack overflow
Changed in proftpd-dfsg (Ubuntu):
assignee: nobody → Neil Wilson (neil-aldur)
assignee: Neil Wilson (neil-aldur) → Brightbox (brightbox)
Neil Wilson (neil-aldur)
Changed in proftpd-dfsg (Ubuntu):
assignee: Brightbox (brightbox) → nobody
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package proftpd-dfsg - 1.3.2c-1ubuntu0.1

---------------
proftpd-dfsg (1.3.2c-1ubuntu0.1) lucid-security; urgency=low

  * SECURITY UPDATE: Telnet IAC processing stack overflow.
     This vulnerability allows remote attackers to execute arbitrary code on
     vulnerable installations of ProFTPD. Authentication is not required to
     exploit this vulnerability.
     (LP: #674646)
     - debian/patches/3521.patch: adjust src/netio.c to check buflen properly.
     - http://bugs.proftpd.org/attachment.cgi?id=3521
     - CVE-2010-4221
   * SECURITY UPDATE: Inappropriate directory traversal allowed by
     mod_site_misc. This vulnerability can be used to:
      - create a directory located outside the writable directory
      - delete a directory located outside the writable directory
      - create a symlink located outside the writable directory
      - change the time of a file located outside the writable directory.
    (LP: #674798)
     - debian/patches/CVE_2010_3867.dpatch: based on debian 3519.dpatch
       backported to v1.3.2
     - http://bugs.proftpd.org/attachment.cgi?id=3519
     - CVE-2010-3867
 -- Neil Wilson <email address hidden> Sat, 13 Nov 2010 11:51:28 +0000

Changed in proftpd-dfsg (Ubuntu):
status: In Progress → Fix Released