Ravens PHP Scripts

ProFTPD mod_tls Buffer Overflow Vulnerability
Date: Tuesday, November 28, 2006 @ 11:31:59 CET
Topic: Security


SECUNIA ADVISORY ID: SA23141

VERIFY ADVISORY: http://secunia.com/advisories/23141/

CRITICAL: Moderately critical

IMPACT: System access, DoS

SOFTWARE:
ProFTPD 1.3.x - http://secunia.com/product/5430/
ProFTPD 1.2.x - http://secunia.com/product/1250/

DESCRIPTION: Evgeny Legerov has reported a vulnerability in the mod_tls module for ProFTPD, which potentially can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error within the "tls_x509_name_oneline()" function in contrib/mod_tls.c. This can be exploited to cause a buffer overflow by sending specially crafted data to a server. Successful exploitation may allow execution of arbitrary code, but requires that ProFTPD uses the mod_tls module. The vulnerability is reported in version 1.3.0a. Other versions may also be affected.

SOLUTION: Restrict access to trusted people only.

PROVIDED AND/OR DISCOVERED BY: Evgeny Legerov

ORIGINAL ADVISORY: http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050935.html
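The advisory names a boundary error in a routine that renders an X.509 name as a single line. The example below is added here as an illustration of the defensive pattern such a formatter needs; it is not ProFTPD's code, does not reproduce the real `tls_x509_name_oneline()` or its bug, and uses a hypothetical `struct name_entry` instead of OpenSSL's types. The point it shows is that every write into the fixed buffer is checked against the remaining space, so an attacker-controlled certificate field of any length can only cause a clean truncation, never an overflow.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical representation of one X.509 name attribute, e.g. ("CN", "ftp.example.org").
 * This is an assumption for the example, not ProFTPD's or OpenSSL's type. */
struct name_entry {
    const char *key;
    const char *value;
};

/* Render name entries as "/KEY=value/KEY=value..." into a caller-supplied buffer
 * of known size. Returns the number of bytes written (excluding the NUL), or -1
 * if the full output would not fit. The buffer is always NUL-terminated when
 * buf_len > 0, and on failure it holds a clean prefix of complete entries.
 * The invariant: no write ever exceeds buf_len - used bytes. */
int name_oneline(const struct name_entry *entries, size_t count,
                 char *buf, size_t buf_len)
{
    size_t used = 0;
    if (buf_len == 0)
        return -1;
    buf[0] = '\0';
    for (size_t i = 0; i < count; i++) {
        /* snprintf returns the length the entry *would* need, even when it truncates */
        int n = snprintf(buf + used, buf_len - used, "/%s=%s",
                         entries[i].key, entries[i].value);
        if (n < 0 || (size_t)n >= buf_len - used) {
            buf[used] = '\0';   /* discard the partially written entry */
            return -1;
        }
        used += (size_t)n;
    }
    return (int)used;
}

/* Constructed sample name for demonstration; not taken from any real certificate. */
static const struct name_entry sample[] = {
    {"C", "US"}, {"O", "Example"}, {"CN", "ftp.example.org"}
};
#define SAMPLE_COUNT (sizeof sample / sizeof sample[0])

/* Returns 1 if the sample renders fully into a 64-byte buffer with the expected text. */
int sample_fits(void)
{
    char buf[64];
    int n = name_oneline(sample, SAMPLE_COUNT, buf, sizeof buf);
    return n == 34 && strcmp(buf, "/C=US/O=Example/CN=ftp.example.org") == 0;
}

/* Returns 1 if a buffer too small for the whole name is refused and left holding
 * only the entries that fit, with no partial entry and no write past the end. */
int sample_truncates_safely(void)
{
    char buf[16];
    int n = name_oneline(sample, SAMPLE_COUNT, buf, sizeof buf);
    return n == -1 && strcmp(buf, "/C=US/O=Example") == 0;
}

/* Returns 1 if a single oversized attribute value (300 bytes, constructed) is
 * rejected outright rather than copied into the 64-byte buffer. */
int oversized_value_rejected(void)
{
    char big[301];
    memset(big, 'A', 300);
    big[300] = '\0';
    struct name_entry e[] = { {"CN", big} };
    char buf[64];
    return name_oneline(e, 1, buf, sizeof buf) == -1 && buf[0] == '\0';
}

int main(void)
{
    char buf[64];
    int n = name_oneline(sample, SAMPLE_COUNT, buf, sizeof buf);
    printf("%d bytes: %s\n", n, buf);
    printf("fits=%d truncates_safely=%d oversized_rejected=%d\n",
           sample_fits(), sample_truncates_safely(), oversized_value_rejected());
    return 0;
}
```

The design choice worth noting is that the length check happens before the result is trusted, using the size `snprintf` reports rather than the size the caller hoped for; a formatter that instead sizes its buffer from an assumed maximum field length is exactly the shape of code a crafted certificate can overrun.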

This article comes from Ravens PHP Scripts
http://www.ravenphpscripts.com

The URL for this story is:
http://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=2517