ProFTPD Command Truncation Cross-Site Request Forgery

This script is Copyright (C) 2008-2014 Tenable Network Security, Inc.


Synopsis :

The remote FTP server is prone to a cross-site request forgery attack.

Description :

The remote host is running ProFTPD, a free, open source FTP server for
Unix-like systems.

The version of ProFTPD running on the remote host reads each command
line into a fixed-size buffer and does not reject a command that is
longer than that buffer. Instead, the part that fits is executed as one
command and the remaining bytes are interpreted as one or more further
commands, so a single over-long line from a client can carry additional
commands that the client never sent on their own. If an attacker can
trick a ProFTPD administrator into following a specially crafted link
(for example, an ftp:// URL whose path is padded to exceed the buffer
and ends with the commands to smuggle), the administrator's browser
connects to the server and sends the over-long command, and the
smuggled commands are executed in the context of the affected
application with the administrator's FTP privileges.
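The following is an added illustration of the command-truncation
behaviour described above; it is a model written for this page, not
ProFTPD's own code. It contrasts a naive line reader, which dispatches
the bytes that fit into its buffer and then carries on reading the tail
of the same line as the next command, with a hardened reader that
discards the rest of an over-long line and rejects it. The buffer size
(64 bytes), the padding character and the sample FTP commands are
assumptions chosen so the split is easy to see.

```python
# Model of the over-long-command split (added example, not ProFTPD code).
# BUF_SIZE is an assumed small value; a C implementation would keep one
# byte of the buffer for the terminating NUL, which the model mirrors by
# dispatching as soon as buf_size - 1 bytes have been read.
BUF_SIZE = 64


def vulnerable_read_commands(stream: bytes, buf_size: int = BUF_SIZE) -> list[bytes]:
    """Return the commands a naive fixed-buffer reader would dispatch.

    A line that fills the buffer before its terminating newline is
    dispatched as-is, and the bytes after it start a fresh command.
    """
    cmds: list[bytes] = []
    buf = bytearray()
    for b in stream:
        buf.append(b)
        if b == ord("\n") or len(buf) == buf_size - 1:
            cmds.append(bytes(buf).rstrip(b"\r\n"))
            buf.clear()
    if buf:  # unterminated trailing data
        cmds.append(bytes(buf).rstrip(b"\r\n"))
    return cmds


def hardened_read_commands(stream: bytes, buf_size: int = BUF_SIZE) -> tuple[list[bytes], int]:
    """Return (commands, rejected_lines) for a reader that refuses over-long lines.

    When the buffer fills before a newline, the partial command is thrown
    away and every byte up to and including the next newline is consumed
    and ignored, so the tail can never be executed as a separate command.
    """
    cmds: list[bytes] = []
    rejected = 0
    buf = bytearray()
    discarding = False
    for b in stream:
        if discarding:
            if b == ord("\n"):
                discarding = False
                rejected += 1
            continue
        buf.append(b)
        if b == ord("\n"):
            cmds.append(bytes(buf).rstrip(b"\r\n"))
            buf.clear()
        elif len(buf) == buf_size - 1:
            buf.clear()
            discarding = True
    if discarding:  # over-long line never terminated
        rejected += 1
    return cmds, rejected


def smuggle_payload(smuggled: bytes = b"DELE important.txt", buf_size: int = BUF_SIZE) -> bytes:
    """Build one CWD line whose tail, after the buffer boundary, is `smuggled`.

    Constructed sample input: "CWD " plus enough padding to fill exactly
    buf_size - 1 bytes, followed by the smuggled command and CRLF.
    """
    head = b"CWD "
    padding = b"A" * (buf_size - 1 - len(head))
    return head + padding + smuggled + b"\r\n"


if __name__ == "__main__":
    # Constructed session: one ordinary command, then the crafted line.
    session = b"USER anonymous\r\n" + smuggle_payload()
    print("vulnerable reader:", vulnerable_read_commands(session))
    print("hardened reader:  ", hardened_read_commands(session))
```

With the crafted line, the vulnerable reader dispatches three commands
(USER, a truncated CWD, and the smuggled DELE) although the client sent
only two lines; the hardened reader dispatches USER alone and reports
one rejected line.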

See also :

http://archives.neohapsis.com/archives/fulldisclosure/2008-09/0524.html
http://bugs.proftpd.org/show_bug.cgi?id=3115

Solution :

Apply the patch included in the bug report or upgrade to the latest
version in CVS. After patching, a command line longer than the server's
buffer should be rejected rather than having its tail executed as a
further command.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.6
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 34265

Bugtraq ID: 31289

CVE ID: CVE-2008-4242