ProFTPD on Debian Linux postinst Installation Privilege Escalation

This script is Copyright (C) 2003-2013 Tenable Network Security, Inc.


Synopsis :

The remote FTP server is affected by several flaws.

Description :

The following problems have been reported for the version of proftpd in
Debian 2.2 (potato):

1. There is a configuration error in the postinst script, when the user
enters 'yes', when asked if anonymous access should be enabled.
The postinst script wrongly leaves the 'run as uid/gid root'
configuration option in /etc/proftpd.conf, and adds a
'run as uid/gid nobody' option that has no effect.

2. There is a bug that comes up when /var is a symlink, and
proftpd is restarted. When stopping proftpd, the /var
symlink is removed
when it's started again a file named
/var is created.

Solution :

Upgrade your proftpd server to proftpd-1.2.0pre10-2.0potato1

Risk factor :

Medium / CVSS Base Score : 5.8
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P)

Family: FTP

Nessus Plugin ID: 11450 ()

Bugtraq ID:

CVE ID: CVE-2001-0456