Fedora 14 : proftpd-1.3.3c-1.fc14 (2010-17091)
Critical Nessus Plugin ID 50551
SynopsisThe remote Fedora host is missing a security update.
DescriptionThis is an update to the current upstream maintenance release, which addresses two security issues that can be exploited by malicious users to manipulate certain data and compromise a vulnerable system.
- A logic error in the code for processing user input containing the Telnet IAC (Interpret As Command) escape sequence can be exploited to cause a stack-based buffer overflow by sending specially crafted input to the FTP or FTPS service. Successful exploitation may allow execution of arbitrary code. This has been assigned the name CVE-2010-4221. More details can be found at http://bugs.proftpd.org/show_bug.cgi?id=3521
- An input validation error within the 'mod_site_misc' module can be exploited to e.g. create and delete directories, create symlinks, and change the time of files located outside a writable directory. Only configurations using 'mod_site_misc', which is not enabled by default, and where the attacker has write access to a directory, are vulnerable to this issue, which has been assigned CVE-2010-3867. More details can be found at http://bugs.proftpd.org/show_bug.cgi?id=3519
This update also fixes an issue with SQLite authentication and adds a new module 'mod_geoip', which can be used to look up geographical information on connecting clients and use that to set access controls for the server.
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected proftpd package.