首页 -> 安全研究
安全研究
安全漏洞
ProFTPD关机消息格式串漏洞
发布日期:2005-08-02
更新日期:2005-09-04
受影响系统:
ProFTPD Project ProFTPD < 1.3.0rc2不受影响系统:
ProFTPD Project ProFTPD 1.3.0rc2描述:
BUGTRAQ ID: 14381
CVE(CAN) ID: CVE-2005-2390
ProFTPD是一款开放源代码FTP服务程序。
ProFTPD中存在格式串漏洞,可能导致信息泄露。
管理员可以使用“ftpshut”配置显示给连接客户端的关机消息。这条消息可以使用几个变量。如果关机消息中使用了%C(当前工作目录)之类的变量,且攻击者也知道这些,攻击者就可以使用FTP客户端创建目录,并命名该目录,导致%C变量泄漏敏感信息,如附近缓冲区中的数据内容。
<*来源:sean (infamous41md@hotpop.com)
链接:http://www.proftpd.org/docs/RELEASE_NOTES-1.3.0rc2
http://security.gentoo.org/glsa/glsa-200508-02.xml
http://www.debian.org/security/2005/dsa-795
http://www.debian.org/security/2005/dsa-795
*>
建议:
临时解决方法:
如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁:
* 使用“ftpshut”的管理员不要使用%C、%R和%U变量。
厂商补丁:
Debian
------
Debian已经为此发布了一个安全公告(DSA-795-1)以及相应补丁:
DSA-795-1:New proftpd packages fix format string vulnerability
链接:http://www.debian.org/security/2005/dsa-795
补丁下载:
Source archives:
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10.orig.tar.gz
Size/MD5 checksum: 920495 7d2bc5b4b1eef459a78e55c027a4f3c4
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge1.dsc
Size/MD5 checksum: 897 1a728465d7d40d224e457809a06bc99c
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge1.diff.gz
Size/MD5 checksum: 127095 88f227abf247ed988fc35203d4108802
Architecture independent packages:
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-doc_1.2.10-15sarge1_all.deb
Size/MD5 checksum: 417460 ffde86a53bcc329f806d1014478730d0
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge1_alpha.deb
Size/MD5 checksum: 444400 f07ac7db8a9c2745de8f9cab76cdb3c4
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-ldap_1.2.10-15sarge1_alpha.deb
Size/MD5 checksum: 457288 92100f9ba762c52d715c1f56f51f70a1
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-pgsql_1.2.10-15sarge1_alpha.deb
Size/MD5 checksum: 476538 dc6f68d4dec57fb3646e15ca98e78d4a
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-common_1.2.10-15sarge1_alpha.deb
Size/MD5 checksum: 200800 ac5d323b2501c4396afd80ef0fb15c7f
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-mysql_1.2.10-15sarge1_alpha.deb
Size/MD5 checksum: 476842 5caa3a66575ae253d0ce1df399d2c145
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-common_1.2.10-15sarge1_amd64.deb
Size/MD5 checksum: 194542 dff3b3414b99189ea8a9f8d119109d47
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge1_amd64.deb
Size/MD5 checksum: 388576 e197f0eb6340706bb998872c0ea32949
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-mysql_1.2.10-15sarge1_amd64.deb
Size/MD5 checksum: 415108 906cf04f3eed0c5164f71bc22b6b7e01
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-pgsql_1.2.10-15sarge1_amd64.deb
Size/MD5 checksum: 414970 a7baba4ba0bdd13548e6e28c4825a83f
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-ldap_1.2.10-15sarge1_amd64.deb
Size/MD5 checksum: 399826 a026b6c75ea587df68fbd1466adc1a2d
arm architecture (ARM)
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-common_1.2.10-15sarge1_arm.deb
Size/MD5 checksum: 188762 0740654ff6aedc7e96a8c3dfbbd2d315
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-ldap_1.2.10-15sarge1_arm.deb
Size/MD5 checksum: 384080 1befd34e95a59132a071e3f9954eb6c4
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-mysql_1.2.10-15sarge1_arm.deb
Size/MD5 checksum: 398882 f4d78c3f50080f238407945718b45567
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge1_arm.deb
Size/MD5 checksum: 373788 bf67d85da87abfe27c7bf42cf2833b91
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-pgsql_1.2.10-15sarge1_arm.deb
Size/MD5 checksum: 398776 b25b17e7f6bf86234865896bafa84678
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-common_1.2.10-15sarge1_hppa.deb
Size/MD5 checksum: 194488 8267bb5ad6c70238fcebf3fb4035dace
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge1_hppa.deb
Size/MD5 checksum: 403606 7dfe73131c34dc3e55c729bbc59f1252
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-mysql_1.2.10-15sarge1_hppa.deb
Size/MD5 checksum: 431726 42c9d2d7d190e0ccaafcdb44e31536f5
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-pgsql_1.2.10-15sarge1_hppa.deb
Size/MD5 checksum: 431410 1aaf5d6855318e067640969095d8e96c
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-ldap_1.2.10-15sarge1_hppa.deb
Size/MD5 checksum: 414794 8ebec69081b2c56b56a532db0ce504fb
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-mysql_1.2.10-15sarge1_i386.deb
Size/MD5 checksum: 397122 c629a1bf4982b085d05be740052cfa67
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-pgsql_1.2.10-15sarge1_i386.deb
Size/MD5 checksum: 396966 f67e8ec673c483fd3aa90f917595a250
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-common_1.2.10-15sarge1_i386.deb
Size/MD5 checksum: 189470 8f024068171ca297064f29e58bc51b33
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-ldap_1.2.10-15sarge1_i386.deb
Size/MD5 checksum: 381756 5355604f7b1625db02a3f68d97eff290
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge1_i386.deb
Size/MD5 checksum: 371622 1a26e468fef7b863f30bf2b1fe7df817
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-common_1.2.10-15sarge1_ia64.deb
Size/MD5 checksum: 207014 acacffe75c737005bb6c9d9bd63f091b
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-ldap_1.2.10-15sarge1_ia64.deb
Size/MD5 checksum: 535252 ed7479cef8bc9777c5f11223779896d0
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge1_ia64.deb
Size/MD5 checksum: 519678 0217f6bd617282f1e8d9e598f86f83aa
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-pgsql_1.2.10-15sarge1_ia64.deb
Size/MD5 checksum: 562122 2fbccb31b331c17609d5e4fdf517416a
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-mysql_1.2.10-15sarge1_ia64.deb
Size/MD5 checksum: 562312 5084eb589b099cfd51759557ce8fd21b
m68k architecture (Motorola Mc680x0)
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge1_m68k.deb
Size/MD5 checksum: 332318 a61dd073f2f9a4697d254b8e7fb48a14
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-mysql_1.2.10-15sarge1_m68k.deb
Size/MD5 checksum: 353102 1e24565274060aeeafb77a756f31f212
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-ldap_1.2.10-15sarge1_m68k.deb
Size/MD5 checksum: 340938 7afb5724e4caf150b6f5102c34c3c1d6
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-pgsql_1.2.10-15sarge1_m68k.deb
Size/MD5 checksum: 352770 ed92f153968e58aa200df1ef2888afba
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-common_1.2.10-15sarge1_m68k.deb
Size/MD5 checksum: 187180 764673a0052a9b2b39e94076d764e2bb
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge1_mips.deb
Size/MD5 checksum: 382426 aee4a0de1997e66fb89f3a8b964e716a
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-mysql_1.2.10-15sarge1_mips.deb
Size/MD5 checksum: 406442 e45275b4fbc4479ffd60849efb79d067
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-common_1.2.10-15sarge1_mips.deb
Size/MD5 checksum: 201640 879687be2b57e8dcc90a8ea1158393ad
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-pgsql_1.2.10-15sarge1_mips.deb
Size/MD5 checksum: 406224 5e522fc33f697d5dbd4df431c0cc9790
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-ldap_1.2.10-15sarge1_mips.deb
Size/MD5 checksum: 391930 08faf62b0089f29bd019866911c699e1
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-common_1.2.10-15sarge1_mipsel.deb
Size/MD5 checksum: 201838 239a8377c0a5b2940afe2cf5b86bdaf2
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-mysql_1.2.10-15sarge1_mipsel.deb
Size/MD5 checksum: 409472 378d91ea943ff489ed38b49d60e84b76
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge1_mipsel.deb
Size/MD5 checksum: 384264 dfd8fa9d98bdcda752dc1cf7a88f6582
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-ldap_1.2.10-15sarge1_mipsel.deb
Size/MD5 checksum: 393384 ce795b5aa745c5d412c39814a5a8a427
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-pgsql_1.2.10-15sarge1_mipsel.deb
Size/MD5 checksum: 409220 a84d6673ece2d89d4e28f39279f2914e
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge1_powerpc.deb
Size/MD5 checksum: 384498 492efa6567a3f8e13b019c7fb05f160e
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-pgsql_1.2.10-15sarge1_powerpc.deb
Size/MD5 checksum: 411728 2073ec04cf38a1449d4a350c3e55f16f
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-mysql_1.2.10-15sarge1_powerpc.deb
Size/MD5 checksum: 412074 f07eb73d8f40955facf41d2d52d67da2
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-common_1.2.10-15sarge1_powerpc.deb
Size/MD5 checksum: 195382 c6079a29a73a585f060c1ee6037cb93f
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-ldap_1.2.10-15sarge1_powerpc.deb
Size/MD5 checksum: 395084 23ec082a6c703f517b3d9fa68ec42d9b
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-common_1.2.10-15sarge1_s390.deb
Size/MD5 checksum: 193006 1e52c1da9c58b290978b7935a9d58770
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge1_s390.deb
Size/MD5 checksum: 379632 b7ecd26925dd5bf9a69f24e33dd55184
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-ldap_1.2.10-15sarge1_s390.deb
Size/MD5 checksum: 390112 814e21080d6d95cea596a8dc5747e29f
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-pgsql_1.2.10-15sarge1_s390.deb
Size/MD5 checksum: 403740 8426f8d4d195c1d51dd568249cb61619
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-mysql_1.2.10-15sarge1_s390.deb
Size/MD5 checksum: 403984 89ff426837c5b0dbfed07f88700f619c
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-mysql_1.2.10-15sarge1_sparc.deb
Size/MD5 checksum: 394824 4b17a185fb614e83739fd7cdc711b63a
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-ldap_1.2.10-15sarge1_sparc.deb
Size/MD5 checksum: 379428 5f182cf8e0303797c78f65f6aa8704a9
http://security.debian.org/pool/updates/main/p/proftpd/proftpd_1.2.10-15sarge1_sparc.deb
Size/MD5 checksum: 369734 a75df8c75998eae366a2200516eaf01f
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-common_1.2.10-15sarge1_sparc.deb
Size/MD5 checksum: 189018 c30ff0d36b2f68fc795f25efb128dd20
http://security.debian.org/pool/updates/main/p/proftpd/proftpd-pgsql_1.2.10-15sarge1_sparc.deb
Size/MD5 checksum: 394700 9a8eb46038f3086f04daef31fea9b821
补丁安装方法:
1. 手工安装补丁包:
首先,使用下面的命令来下载补丁软件:
# wget url (url是补丁下载链接地址)
然后,使用下面的命令来安装补丁:
# dpkg -i file.deb (file是相应的补丁名)
2. 使用apt-get自动安装补丁包:
首先,使用下面的命令更新内部数据库:
# apt-get update
然后,使用下面的命令安装更新软件包:
# apt-get upgrade
ProFTPD Project
---------------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
* ProFTPD Upgrade proftpd-1.3.0rc2.tar.gz
ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.0rc2.tar.gz
Gentoo
------
Gentoo已经为此发布了一个安全公告(GLSA-200508-02)以及相应补丁:
GLSA-200508-02:ProFTPD: Format string vulnerabilities
链接:http://security.gentoo.org/glsa/glsa-200508-02.xml
所有ProFTPD用户都应升级到最新版本:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-ftp/proftpd-1.2.10-r7"
浏览次数:5045
严重程度:0(网友投票)
绿盟科技给您安全的保障