ProFTPD on Debian Linux postinst Installation Privilege Escalation
Severity: Medium
Nessus Plugin ID: 11450
Synopsis
The remote FTP server is affected by several flaws.
Description
The following problems have been reported for the version of proftpd shipped in Debian 2.2 (potato):
1. The postinst script misconfigures the daemon's identity when the administrator answers 'yes' to the prompt asking whether anonymous access should be enabled. It wrongly leaves the 'run as uid/gid root' option in /etc/proftpd.conf and adds a 'run as uid/gid nobody' option that has no effect, so the server keeps running as root instead of dropping to the unprivileged user the script intended.
2. When /var is a symbolic link, restarting proftpd destroys it: the stop action removes the /var symlink, and the next start creates a regular file named /var in its place.
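The first problem is easy to miss by eye because the config contains both a root and a nobody identity. The following script is an added example for this advisory, not code from the Nessus plugin or from Debian's proftpd package: it audits a proftpd.conf for the identity ProFTPD takes from its User and Group directives, lists every such directive with the section it sits in, and fails if any names root. The two sample configs are constructed; the advisory does not say where the postinst placed the 'nobody' directive, so putting it inside the <Anonymous> block is an assumption made here.

```shell
#!/bin/sh
# Added example; not from the Nessus plugin or the Debian proftpd package.
# Audits a proftpd.conf for User/Group directives (the "run as" identity),
# printing each with its section and failing if any directive names root.

audit_proftpd_conf() {
    # $1: path to a proftpd.conf.
    # Prints one line per User/Group directive: "LINE SECTION DIRECTIVE VALUE".
    # Returns 1 if any User or Group directive names root, 0 otherwise.
    awk '
        # Track <Section ...> / </Section> nesting so each directive gets a context.
        /^[ \t]*<[A-Za-z]/ {
            sec = $0; sub(/^[ \t]*</, "", sec); sub(/[ \t>].*$/, "", sec)
            stack[++depth] = sec
        }
        /^[ \t]*<\// { if (depth > 0) depth-- }
        /^[ \t]*(User|Group)[ \t]+/ {
            ctx = (depth > 0) ? stack[depth] : "global"
            printf "%d %s %s %s\n", NR, ctx, $1, $2
            if ($2 == "root") bad = 1
        }
        END { if (bad) exit 1; exit 0 }
    ' "$1"
}

make_broken_conf() {
    # Constructed config mirroring the advisory: root left in, nobody ineffective.
    # Placing the nobody directive inside <Anonymous> is an assumption.
    cat > "$1" <<'EOF'
ServerName "Debian"
ServerType standalone
# Left in place by the buggy postinst: the daemon keeps its root identity.
User root
Group root
<Anonymous ~ftp>
  # Added by the postinst but ineffective for the daemon itself (placement assumed).
  User nobody
  Group nogroup
  UserAlias anonymous ftp
</Anonymous>
EOF
}

make_fixed_conf() {
    # Constructed config with the daemon identity set to an unprivileged user.
    cat > "$1" <<'EOF'
ServerName "Debian"
ServerType standalone
# Global identity the daemon drops to after starting.
User nobody
Group nogroup
<Anonymous ~ftp>
  User ftp
  Group nogroup
  UserAlias anonymous ftp
</Anonymous>
EOF
}

# Demonstration on the two constructed configs.
broken=$(mktemp); fixed=$(mktemp)
make_broken_conf "$broken"; make_fixed_conf "$fixed"
echo "broken config:"
audit_proftpd_conf "$broken" || echo "-> FAIL: a User/Group directive names root"
echo "fixed config:"
audit_proftpd_conf "$fixed" && echo "-> OK: no root identity configured"
rm -f "$broken" "$fixed"
```

Against a live system run `audit_proftpd_conf /etc/proftpd.conf`. Note that `proftpd -t` only checks the file's syntax; it will happily accept the broken config above, which is why an explicit check on the User and Group directives is worth keeping in a post-install test.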
Solution
Upgrade your proftpd server to proftpd-1.2.0pre10-2.0potato1.