Gentoo Archives: gentoo-announce

From: Thierry Carrez <koon@g.o>
To: gentoo-announce@l.g.o
Cc: bugtraq@×××××××××××××.com, full-disclosure@××××××××××××.com, security-alerts@×××××××××××××.com
Subject: [gentoo-announce] [ GLSA 200409-27 ] glFTPd: Local buffer overflow vulnerability
Date: Tue, 21 Sep 2004 20:47:59
Message-Id: 4150931C.4070905@gentoo.org
1 -----BEGIN PGP SIGNED MESSAGE-----
2 Hash: SHA1
3
4 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
5 Gentoo Linux Security Advisory GLSA 200409-27
6 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
7 http://security.gentoo.org/
8 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
9
10 Severity: Normal
11 Title: glFTPd: Local buffer overflow vulnerability
12 Date: September 21, 2004
13 Bugs: #64809
14 ID: 200409-27
15
16 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
17
18 Synopsis
19 ========
20
21 glFTPd is vulnerable to a local buffer overflow which may allow
22 arbitrary code execution.
23
24 Background
25 ==========
26
27 glFTPd is a highly configurable FTP server with many features.
28
29 Affected packages
30 =================
31
32 -------------------------------------------------------------------
33 Package / Vulnerable / Unaffected
34 -------------------------------------------------------------------
35 1 net-ftp/glftpd < 1.32-r1 >= 1.32-r1
36
37 Description
38 ===========
39
40 The glFTPd server is vulnerable to a buffer overflow in the 'dupescan'
41 program. This vulnerability is due to an unsafe strcpy() call which can
42 cause the program to crash when a large argument is passed.
43
44 Impact
45 ======
46
47 A local user with malicious intent can pass a parameter to the dupescan
48 program that exceeds the size of the buffer, causing it to overflow.
49 This can lead the program to crash, and potentially allow arbitrary
50 code execution with the permissions of the user running glFTPd, which
51 could be the root user.
52
53 Workaround
54 ==========
55
56 There is no known workaround at this time.
57
58 Resolution
59 ==========
60
61 All glFTPd users should upgrade to the latest version:
62
63 # emerge sync
64
65 # emerge -pv ">=net-ftp/glftpd-1.32-r1"
66 # emerge ">=net-ftp/glftpd-1.32-r1"
67
68 References
69 ==========
70
71 [ 1 ] BugTraq Advisory
72
73 http://www.securityfocus.com/archive/1/375775/2004-09-17/2004-09-23/0
74 [ 2 ] glFTPd Announcement
75
76 http://www.glftpd.com/modules.php?op=modload&name=News&file=article&sid=23&mode=thread&order=0&thold=0
77
78 Availability
79 ============
80
81 This GLSA and any updates to it are available for viewing at
82 the Gentoo Security Website:
83
84 http://security.gentoo.org/glsa/glsa-200409-27.xml
85
86 Concerns?
87 =========
88
89 Security is a primary focus of Gentoo Linux and ensuring the
90 confidentiality and security of our users machines is of utmost
91 importance to us. Any security concerns should be addressed to
92 security@g.o or alternatively, you may file a bug at
93 http://bugs.gentoo.org.
94
95 License
96 =======
97
98 Copyright 2004 Gentoo Foundation, Inc; referenced text
99 belongs to its owner(s).
100
101 The contents of this document are licensed under the
102 Creative Commons - Attribution / Share Alike license.
103
104 http://creativecommons.org/licenses/by-sa/1.0
105
106 -----BEGIN PGP SIGNATURE-----
107 Version: GnuPG v1.2.4 (GNU/Linux)
108 Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
109
110 iD8DBQFBUJMcvcL1obalX08RAtkwAJ0fmWv3UebPX9CaHyvO6ESgpV6JUwCgojQA
111 dDLOoO539THNdr4aN2PrJD8=
112 =GNfu
113 -----END PGP SIGNATURE-----