ISS X-Force Database: palmetto-ftpd-bo(1728): FTP remote buffer overflows allow root access

FTP remote buffer overflows allow root access

palmetto-ftpd-bo (1728)

High Risk

Description:

ProFTPD could allow a remote attacker to execute arbitrary commands as root. By default, these servers are installed on many operating systems, including Slackware and Red Hat Linux distributions.

Consequences:

Gain Access

Remedy:

Upgrade to the latest version of ProFTPD (1.2.0pre2 or later), as listed in BindView Security Advisory, February 9, 1999. See References.

— OR —

Apply the 1.2.0pre1 patch, as listed in BindView Security Advisory, February 9, 1999. See References.

— AND —

Upgrade to the latest version of wu-ftpd (2.4.2 BETA 18 VR10 or later), as listed in BindView Security Advisory, February 9, 1999. See References.

Note: This vulnerability relies on the presence of long directory path structure. As a workaround, restrict access to world writable directories for FTP users.

References:

BindView RAZOR Security Advisory, February 9, 1999: Palmetto Technical Advisory.
Caldera International, Inc. Security Advisory CSSA-1999-004.0: Buffer overflow in wu-ftpd.
Caldera International, Inc. Security Advisory CSSA-1999-004.0: Buffer overflow in wu-ftpd.
CERT Advisory CA-1999-03: Remote buffer overflows in various FTP servers leads to potential root compromise.
CIAC Information Bulletin J-029: Buffer Overflows in Various FTP Servers.
Debian Security Advisory 19990210: Debian FTP packages: Buffer overflow in some ftp servers.
Red Hat, Inc. Linux 5.2 (Apollo) General Errata: wu-ftpd: Security Fix.
BID-113: Multiple Vendor FTPD realpath Vulnerability
BID-2242: Multiple Vendor FTP Long Path Buffer Overflow Vulnerability
CVE-1999-0368: Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.

Platforms Affected:

Apple Mac OS
Compaq Tru64
Data General DG/UX
Digital OSF 1.0
FreeBSD FreeBSD
IBM AIX
IBM OS2
Linux Kernel
Microsoft Windows 2000
Microsoft Windows 2003 Server
Microsoft Windows 95
Microsoft Windows 98
Microsoft Windows 98SE
Microsoft Windows Me
Microsoft Windows NT 4.0
Microsoft Windows XP
OpenBSD OpenBSD
ProFTPD ProFTPD
SCO SCO Unix
SGI IRIX
Sun Solaris
Washington University WU-FTPD
WindRiver BSDOS
HP-UX

Reported:

Feb 09, 1999

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page