GNU Bash Environment Variable Handling Code Injection via ProFTPD (Shellshock)

This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.


Synopsis :

The remote FTP server is affected by a remote code execution
vulnerability.

Description :

The remote FTP server is affected by a remote code execution
vulnerability due to an error in the Bash shell running on the remote
host. A remote, unauthenticated attacker can execute arbitrary code on
the remote host by sending a specially crafted request via the USER
FTP command. The 'mod_exec' module exports the attacker-supplied
username as an environment variable, which is then evaluated by Bash
as code.

See also :

http://www.proftpd.org/docs/contrib/mod_exec.html#ExecEnviron
http://seclists.org/oss-sec/2014/q3/650
http://www.nessus.org/u?dacf7829
https://www.invisiblethreat.ca/post/shellshock/

Solution :

Apply the referenced patch.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: FTP

Nessus Plugin ID: 77986 ()

Bugtraq ID: 70103
70137

CVE ID: CVE-2014-6271
CVE-2014-7169

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now