Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2017:1035-1

Опубликовано: 18 апр. 2017
Источник: suse-cvrf

Описание

Security update for proftpd

This update for proftpd to version 1.3.5d fixes the following issues:

This security issue was fixed:

  • CVE-2017-7418: ProFTPD checked only the last path component when enforcing AllowChrootSymlinks. Attackers with local access could bypass the AllowChrootSymlinks control by replacing a path component (other than the last one) with a symbolic link (bsc#1032443).

These non-security issues were fixed:

  • Reduce TLS protocols to TLSv1.1 and TLSv1.2
  • Disable TLSCACertificateFile
  • Add TLSCertificateChainFile
  • All FTP logins are treated as anonymous logins again
  • SSH rekey during authentication could have caused issues with clients.
  • Recursive SCP uploads of multiple directories were not handled properly.
  • LIST returned different results for file, depending on path syntax.
  • 'AuthAliasOnly on' in server config broke anonymous logins.
  • Fixed memory leak when mod_facl is used.
  • Fix systemd vs SysVinit inconsistency

Список пакетов

openSUSE Leap 42.1
proftpd-1.3.5d-6.3.1
proftpd-devel-1.3.5d-6.3.1
proftpd-doc-1.3.5d-6.3.1
proftpd-lang-1.3.5d-6.3.1
proftpd-ldap-1.3.5d-6.3.1
proftpd-mysql-1.3.5d-6.3.1
proftpd-pgsql-1.3.5d-6.3.1
proftpd-radius-1.3.5d-6.3.1
proftpd-sqlite-1.3.5d-6.3.1
openSUSE Leap 42.2
proftpd-1.3.5d-6.3.1
proftpd-devel-1.3.5d-6.3.1
proftpd-doc-1.3.5d-6.3.1
proftpd-lang-1.3.5d-6.3.1
proftpd-ldap-1.3.5d-6.3.1
proftpd-mysql-1.3.5d-6.3.1
proftpd-pgsql-1.3.5d-6.3.1
proftpd-radius-1.3.5d-6.3.1
proftpd-sqlite-1.3.5d-6.3.1

Ссылки

Описание

ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks configuration option, but checks only the last path component when enforcing AllowChrootSymlinks. Attackers with local access could bypass the AllowChrootSymlinks control by replacing a path component (other than the last one) with a symbolic link. The threat model includes an attacker who is not granted full filesystem access by a hosting provider, but can reconfigure the home directory of an FTP user.

Затронутые продукты
openSUSE Leap 42.1:proftpd-1.3.5d-6.3.1
openSUSE Leap 42.1:proftpd-devel-1.3.5d-6.3.1
openSUSE Leap 42.1:proftpd-doc-1.3.5d-6.3.1
openSUSE Leap 42.1:proftpd-lang-1.3.5d-6.3.1
Ссылки