=====================================================================
                                    CERT-Renater

                         Information Note No. 2006/VULN578
_____________________________________________________________________

DATE                      : 20/12/2006

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running proftpd.

======================================================================

  _______________________________________________________________________

  Mandriva Linux Security Advisory                         MDKSA-2006:232
  http://www.mandriva.com/security/
  _______________________________________________________________________

  Package : proftpd
  Date    : December 18, 2006
  Affected: 2007.0
  _______________________________________________________________________

  Problem Description:

  Stack-based buffer overflow in the pr_ctrls_recv_request function in
  ctrls.c in the mod_ctrls module in ProFTPD before 1.3.1rc1 allows local
  users to execute arbitrary code via a large reqarglen length value.

  Packages have been patched to correct this issue.
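  As an added illustration (not ProFTPD's own code and not the Mandriva patch), the C parser below shows the check this class of bug lacks: a received length field, named reqarglen after the advisory, is validated against the destination buffer before any byte is copied. The message layout, the CTRLS_ARG_MAX limit and the function names are constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed buffer size for the example; not ProFTPD's real limit. */
#define CTRLS_ARG_MAX 64

enum { CTRLS_OK = 0, CTRLS_ERR_SHORT = -1, CTRLS_ERR_TOOLONG = -2 };

/* Parse one length-prefixed argument ([uint32 reqarglen][reqarglen bytes])
 * from an already-received message.  reqarglen is untrusted input: the
 * flaw described in the advisory is copying reqarglen bytes into a
 * fixed-size stack buffer without the bounds check performed here. */
int ctrls_parse_arg(const unsigned char *msg, size_t msglen,
                    char *out, size_t outsz, size_t *consumed)
{
    uint32_t reqarglen;

    if (msglen < sizeof reqarglen)
        return CTRLS_ERR_SHORT;                 /* no length field at all */
    memcpy(&reqarglen, msg, sizeof reqarglen);

    /* Reject before any copy, leaving room for the terminating NUL. */
    if (reqarglen >= outsz)
        return CTRLS_ERR_TOOLONG;
    if (msglen - sizeof reqarglen < reqarglen)
        return CTRLS_ERR_SHORT;                 /* length exceeds the message */

    memcpy(out, msg + sizeof reqarglen, reqarglen);
    out[reqarglen] = '\0';
    if (consumed)
        *consumed = sizeof reqarglen + reqarglen;
    return CTRLS_OK;
}

/* Encode a message in memory (constructed sample input standing in for the
 * control socket) so the parser can be exercised offline. */
size_t ctrls_encode(unsigned char *buf, size_t bufsz,
                    uint32_t reqarglen, const char *payload, size_t paylen)
{
    if (bufsz < sizeof reqarglen + paylen)
        return 0;
    memcpy(buf, &reqarglen, sizeof reqarglen);
    memcpy(buf + sizeof reqarglen, payload, paylen);
    return sizeof reqarglen + paylen;
}
```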
  _______________________________________________________________________

  References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6563
  _______________________________________________________________________

  Updated Packages:

  _______________________________________________________________________

  To upgrade automatically use MandrivaUpdate or urpmi.  The verification
  of md5 checksums and GPG signatures is performed automatically for you.

  All packages are signed by Mandriva for security.  You can obtain the
  GPG public key of the Mandriva Security Team by executing:

   gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

  You can view other update advisories for Mandriva Linux at:

   http://www.mandriva.com/security/advisories

  If you want to report vulnerabilities, please contact

   security_(at)_mandriva.com
  _______________________________________________________________________

  Type Bits/KeyID     Date       User ID
  pub  1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com>

======================================================================

           =========================================================
           CERT-Renater reference servers
           http://www.urec.fr/securite
           http://www.cru.fr/securite
           http://www.renater.fr
           =========================================================
           + CERT-RENATER          | tel : 01-53-94-20-44          +
           + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
           + 75013 Paris           | email: certsvp@renater.fr     +
           =========================================================