ProFTPD 'mod_copy' Arbitrary File Copy Vulnerability (Remote)
Severity: High
Nessus Plugin ID: 132749
Synopsis: It is possible for anonymous users to copy arbitrary files.
Description: The remote host is running ProFTPD. It is affected by a vulnerability in the mod_copy module, which fails to honor <Limit READ> and <Limit WRITE> configurations as expected. An unauthenticated, remote attacker can exploit this by using the mod_copy module's functionality to copy arbitrary files in the FTP directory, provided that anonymous logins and mod_copy are enabled and the FTP directory is accessible from a web server. If a file in the FTP directory contains PHP code but does not use the PHP extension, an attacker can copy this file to one with a PHP extension in order to execute code.
Solution: Upgrade to the latest version of ProFTPD.
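The preconditions listed in the description can be checked against a host's proftpd.conf. The following is an added example, not part of the Nessus plugin or of ProFTPD: the names `audit`, `_is_under` and `web_roots` are hypothetical, the sample configuration is constructed, and it assumes mod_copy is loaded as a shared module through `LoadModule` (a statically compiled mod_copy does not appear in the configuration and shows up in `proftpd -l` instead).

```python
import re
from pathlib import PurePosixPath

# Constructed sample configuration, not taken from any real host.
SAMPLE_CONF = """\
ServerName "example"
LoadModule mod_copy.c
<Anonymous /var/www/html/ftp>
  User ftp
  <Limit WRITE>
    DenyAll
  </Limit>
</Anonymous>
"""

def _is_under(path, root):
    """True if absolute POSIX `path` equals `root` or lies below it."""
    p, r = PurePosixPath(path), PurePosixPath(root)
    return p.is_absolute() and (p == r or r in p.parents)

def audit(conf_text, web_roots=("/var/www",)):
    """Report which of the advisory's preconditions a proftpd.conf text shows.

    web_roots is an assumption supplied by the caller: directories that a
    web server on the same host serves.
    """
    mod_copy_loaded = False
    anon_roots = []
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):      # skip blanks and comments
            continue
        if re.match(r"LoadModule\s+mod_copy\.c\b", line, re.I):
            mod_copy_loaded = True
        m = re.match(r"<Anonymous\s+(.+?)\s*>$", line, re.I)
        if m:
            anon_roots.append(m.group(1).strip('"'))
    web_reachable = [a for a in anon_roots
                     if any(_is_under(a, w) for w in web_roots)]
    return {
        "mod_copy_loaded": mod_copy_loaded,
        "anonymous_roots": anon_roots,
        # <Limit> blocks are deliberately ignored: the advisory says
        # mod_copy does not honor them on affected versions.
        "copy_exposed": mod_copy_loaded and bool(anon_roots),
        "web_reachable_roots": web_reachable,
    }

if __name__ == "__main__":
    print(audit(SAMPLE_CONF))
```

Anonymous roots given as `~user` are reported in `anonymous_roots` but cannot be matched against `web_roots` without resolving the home directory on the host.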