Detections
Analytics

Mandrake Linux Security Advisory : proftpd (MDKSA-2002:005)

high Nessus Plugin ID 13913

Synopsis

The remote Mandrake Linux host is missing a security update.

Description

Matthew S. Hallacy discovered that ProFTPD was not forward resolving reverse-resolved hostnames. A remote attacker could exploit this to bypass ProFTPD access controls or have false information logged. Frank Denis discovered that a remote attacker could send malicious commands to the ProFTPD server and it would force the process to consume all CPU and memory resources available to it. This DoS vulnerability could bring the server down with repeated attacks. Finally, Mattias found a segmentation fault problem that is considered by the developers to be unexploitable.

Solution

Update the affected proftpd package.

See Also

http://www.nessus.org/u?22b43320

https://www.securityfocus.com/archive/1/169395

https://www.securityfocus.com/archive/1/246331

Plugin Details

Severity: High

ID: 13913

File Name: mandrake_MDKSA-2002-005.nasl

Version: 1.18

Type: local

Published: 7/31/2004

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:proftpd, cpe:/o:mandrakesoft:mandrake_linux:7.2, cpe:/o:mandrakesoft:mandrake_linux:8.0, cpe:/o:mandrakesoft:mandrake_linux:8.1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Available: true

Exploit Ease: No exploit is required

Patch Publication Date: 1/17/2002

Reference Information

CVE: CVE-2001-1500, CVE-2001-1501

BID: 3310

MDKSA: 2002:005