SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (File Transfer/Sharing)  >   gFTP Vendors:   Masney, Brian
(Debian Issues Fix) gFTP Input Validation Error Lets Remote Servers Specify the File Path on Requested Files
SecurityTracker Alert ID:  1013230
SecurityTracker URL:  http://securitytracker.com/id/1013230
CVE Reference:   CVE-2005-0372   (Links to External Site)
Date:  Feb 17 2005
Impact:   Modification of system information, Modification of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 2.0.18
Description:   A vulnerability was reported in gFTP. A remote server can cause retrieved files to be written to alternate locations.

An FTP server can return a specially crafted file path in response to an FTP GET request to cause the requested file to be written to a location on the target system that is specified by the connected FTP server.

Impact:   A remote server can cause retrieved files to be written to alternate locations on the target system with the privileges of the target user.
Solution:   Debian has released a fix.

Debian GNU/Linux 3.0 alias woody:

Source archives:

http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1.dsc
Size/MD5 checksum: 631 980555d208281b3ac35069dd0119f98c
http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1.diff.gz
Size/MD5 checksum: 2760 15eff6342db5e2f2bee5c262618cf642
http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11.orig.tar.gz
Size/MD5 checksum: 896320 3c63b5eed2faffe820bace112be2db8a

Alpha architecture:

http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1_alpha.deb
Size/MD5 checksum: 27350 39764c5e34ef08fce49bf59f887a0afa
http://security.debian.org/pool/updates/main/g/gftp/gftp-common_2.0.11-1woody1_alpha.deb
Size/MD5 checksum: 234078 359126a5f2d1da940f1b6000c7ab9752
http://security.debian.org/pool/updates/main/g/gftp/gftp-gtk_2.0.11-1woody1_alpha.deb
Size/MD5 checksum: 252376 56405294ce7a01e84976c8fc6683f544
http://security.debian.org/pool/updates/main/g/gftp/gftp-text_2.0.11-1woody1_alpha.deb
Size/MD5 checksum: 86296 8ac8f60d39cf4c3db57dd04df0b11a53

ARM architecture:

http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1_arm.deb
Size/MD5 checksum: 27360 9fea83142508e1b6c2790016c3395ca0
http://security.debian.org/pool/updates/main/g/gftp/gftp-common_2.0.11-1woody1_arm.deb
Size/MD5 checksum: 234120 a4760d5de60e0a4a04be1c8dc75ec264
http://security.debian.org/pool/updates/main/g/gftp/gftp-gtk_2.0.11-1woody1_arm.deb
Size/MD5 checksum: 226588 71fb1b6d6603d5967c6714e7ca33f389
http://security.debian.org/pool/updates/main/g/gftp/gftp-text_2.0.11-1woody1_arm.deb
Size/MD5 checksum: 73906 60c748df56cbef3944079654553497ea

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1_i386.deb
Size/MD5 checksum: 27312 10aec83a3257a3bc22739e6087bc6ef2
http://security.debian.org/pool/updates/main/g/gftp/gftp-common_2.0.11-1woody1_i386.deb
Size/MD5 checksum: 234056 57459c25bd9f96bd6f26e566468856ba
http://security.debian.org/pool/updates/main/g/gftp/gftp-gtk_2.0.11-1woody1_i386.deb
Size/MD5 checksum: 219792 98beb285ca804a8fbbed4498a54268ff
http://security.debian.org/pool/updates/main/g/gftp/gftp-text_2.0.11-1woody1_i386.deb
Size/MD5 checksum: 68360 f8fa329a81404c4d5392c285e50a5505

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1_ia64.deb
Size/MD5 checksum: 27348 6f32e2cb005ffe56e2803b860e0e4d74
http://security.debian.org/pool/updates/main/g/gftp/gftp-common_2.0.11-1woody1_ia64.deb
Size/MD5 checksum: 234044 a2c3ff641d7b2e880456f1a8868b33fe
http://security.debian.org/pool/updates/main/g/gftp/gftp-gtk_2.0.11-1woody1_ia64.deb
Size/MD5 checksum: 299582 b7c2e1ea7228f461235666d932361551
http://security.debian.org/pool/updates/main/g/gftp/gftp-text_2.0.11-1woody1_ia64.deb
Size/MD5 checksum: 110640 26995f700b8389fd9aad5b368f5faf7c

HP Precision architecture:

http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1_hppa.deb
Size/MD5 checksum: 27358 07b2d426543fd686ad3380e8bcd4805f
http://security.debian.org/pool/updates/main/g/gftp/gftp-common_2.0.11-1woody1_hppa.deb
Size/MD5 checksum: 234094 322189d295ba47c91d2061309fa6a9fa
http://security.debian.org/pool/updates/main/g/gftp/gftp-gtk_2.0.11-1woody1_hppa.deb
Size/MD5 checksum: 242482 44bb85b863ae217f2575835877041d4a
http://security.debian.org/pool/updates/main/g/gftp/gftp-text_2.0.11-1woody1_hppa.deb
Size/MD5 checksum: 82608 e31d810b73f571088cc837958d7a2796

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1_m68k.deb
Size/MD5 checksum: 27358 faf8af474984da98e9d6f98f0918a261
http://security.debian.org/pool/updates/main/g/gftp/gftp-common_2.0.11-1woody1_m68k.deb
Size/MD5 checksum: 234106 a8b2e05b710887903feed817016f5f97
http://security.debian.org/pool/updates/main/g/gftp/gftp-gtk_2.0.11-1woody1_m68k.deb
Size/MD5 checksum: 210554 7a532d25cb6840e69f97647b08d619c0
http://security.debian.org/pool/updates/main/g/gftp/gftp-text_2.0.11-1woody1_m68k.deb
Size/MD5 checksum: 64032 983b93b4e2aac1922e97a193220e18d4

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1_mips.deb
Size/MD5 checksum: 27362 103f10d9ae47826ee1957d14d556a46f
http://security.debian.org/pool/updates/main/g/gftp/gftp-common_2.0.11-1woody1_mips.deb
Size/MD5 checksum: 234114 0667ca7e24f987e6002955093df95537
http://security.debian.org/pool/updates/main/g/gftp/gftp-gtk_2.0.11-1woody1_mips.deb
Size/MD5 checksum: 224722 0bdb6399f56a1cc4819c3ab883a53a68
http://security.debian.org/pool/updates/main/g/gftp/gftp-text_2.0.11-1woody1_mips.deb
Size/MD5 checksum: 77184 26288b5af19513a0cf09bd82ca7b9336

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1_mipsel.deb
Size/MD5 checksum: 27372 43c94486400ca12254c554cb4650fe01
http://security.debian.org/pool/updates/main/g/gftp/gftp-common_2.0.11-1woody1_mipsel.deb
Size/MD5 checksum: 234188 94df73bb1fe62d21a665ee80380db772
http://security.debian.org/pool/updates/main/g/gftp/gftp-gtk_2.0.11-1woody1_mipsel.deb
Size/MD5 checksum: 224648 210416ce87866bab58f2b2c390f52ece
http://security.debian.org/pool/updates/main/g/gftp/gftp-text_2.0.11-1woody1_mipsel.deb
Size/MD5 checksum: 77994 e1803d086deb47d61f2f79b62e22913e

PowerPC architecture:

http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1_powerpc.deb
Size/MD5 checksum: 27356 6426c00ec3364f72f0ec9481e5e89bb5
http://security.debian.org/pool/updates/main/g/gftp/gftp-common_2.0.11-1woody1_powerpc.deb
Size/MD5 checksum: 234082 35a1396d45c42ee5b34045c23ae34b05
http://security.debian.org/pool/updates/main/g/gftp/gftp-gtk_2.0.11-1woody1_powerpc.deb
Size/MD5 checksum: 227890 8fb52949c02dc3c8a8bf39c86814da9b
http://security.debian.org/pool/updates/main/g/gftp/gftp-text_2.0.11-1woody1_powerpc.deb
Size/MD5 checksum: 73356 8eba2f163e75f0716879c0320442c246

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1_s390.deb
Size/MD5 checksum: 27352 6e71f2937c2db84ed950583237308504
http://security.debian.org/pool/updates/main/g/gftp/gftp-common_2.0.11-1woody1_s390.deb
Size/MD5 checksum: 234104 85637cf1e6794969be0cc35b6478f95b
http://security.debian.org/pool/updates/main/g/gftp/gftp-gtk_2.0.11-1woody1_s390.deb
Size/MD5 checksum: 219246 1f4647d19f593d958c5653e1a6515c2d
http://security.debian.org/pool/updates/main/g/gftp/gftp-text_2.0.11-1woody1_s390.deb
Size/MD5 checksum: 68090 f0a4483365820c67a7d875b21bc81734

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1_sparc.deb
Size/MD5 checksum: 27356 f734ad981e036daed46044b6bd12f236
http://security.debian.org/pool/updates/main/g/gftp/gftp-common_2.0.11-1woody1_sparc.deb
Size/MD5 checksum: 234102 4d9c016c8daefd7b20aefa37a193a6ce
http://security.debian.org/pool/updates/main/g/gftp/gftp-gtk_2.0.11-1woody1_sparc.deb
Size/MD5 checksum: 226774 e04c114438c2788155e43c6c32eb4683
http://security.debian.org/pool/updates/main/g/gftp/gftp-text_2.0.11-1woody1_sparc.deb
Size/MD5 checksum: 74910 88a25c71729495ccbebaf4c98eee102d

Vendor URL:  www.gftp.org/ (Links to External Site)
Cause:   Input validation error
Underlying OS:  Linux (Debian)
Underlying OS Comments:  3.0

Message History:   This archive entry is a follow-up to the message listed below.
Feb 14 2005 gFTP Input Validation Error Lets Remote Servers Specify the File Path on Requested Files



 Source Message Contents

Subject:  [SECURITY] [DSA 686-1] New gftp packages fix directory traversal vulnerability


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 686-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
February 17th, 2005                     http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : gftp
Vulnerability  : missing input sanitising
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2005-0372

Albert Puigsech Galicia discovered a directory traversal vulnerability
in a proprietary FTP client (CAN-2004-1376) which is also present in
gftp, a GTK+ FTP client.  A malicious server could provide a specially
crafted filename that could cause arbitrary files to be overwritten or
created by the client.

For the stable distribution (woody) this problem has been fixed in
version 2.0.11-1woody1.

For the unstable distribution (sid) this problem has been fixed in
version 2.0.18-1.

We recommend that you upgrade your gftp package.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1.dsc
      Size/MD5 checksum:      631 980555d208281b3ac35069dd0119f98c
    http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1.diff.gz
      Size/MD5 checksum:     2760 15eff6342db5e2f2bee5c262618cf642
    http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11.orig.tar.gz
      Size/MD5 checksum:   896320 3c63b5eed2faffe820bace112be2db8a

  Alpha architecture:

    http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1_alpha.deb
      Size/MD5 checksum:    27350 39764c5e34ef08fce49bf59f887a0afa
    http://security.debian.org/pool/updates/main/g/gftp/gftp-common_2.0.11-1woody1_alpha.deb
      Size/MD5 checksum:   234078 359126a5f2d1da940f1b6000c7ab9752
    http://security.debian.org/pool/updates/main/g/gftp/gftp-gtk_2.0.11-1woody1_alpha.deb
      Size/MD5 checksum:   252376 56405294ce7a01e84976c8fc6683f544
    http://security.debian.org/pool/updates/main/g/gftp/gftp-text_2.0.11-1woody1_alpha.deb
      Size/MD5 checksum:    86296 8ac8f60d39cf4c3db57dd04df0b11a53

  ARM architecture:

    http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1_arm.deb
      Size/MD5 checksum:    27360 9fea83142508e1b6c2790016c3395ca0
    http://security.debian.org/pool/updates/main/g/gftp/gftp-common_2.0.11-1woody1_arm.deb
      Size/MD5 checksum:   234120 a4760d5de60e0a4a04be1c8dc75ec264
    http://security.debian.org/pool/updates/main/g/gftp/gftp-gtk_2.0.11-1woody1_arm.deb
      Size/MD5 checksum:   226588 71fb1b6d6603d5967c6714e7ca33f389
    http://security.debian.org/pool/updates/main/g/gftp/gftp-text_2.0.11-1woody1_arm.deb
      Size/MD5 checksum:    73906 60c748df56cbef3944079654553497ea

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1_i386.deb
      Size/MD5 checksum:    27312 10aec83a3257a3bc22739e6087bc6ef2
    http://security.debian.org/pool/updates/main/g/gftp/gftp-common_2.0.11-1woody1_i386.deb
      Size/MD5 checksum:   234056 57459c25bd9f96bd6f26e566468856ba
    http://security.debian.org/pool/updates/main/g/gftp/gftp-gtk_2.0.11-1woody1_i386.deb
      Size/MD5 checksum:   219792 98beb285ca804a8fbbed4498a54268ff
    http://security.debian.org/pool/updates/main/g/gftp/gftp-text_2.0.11-1woody1_i386.deb
      Size/MD5 checksum:    68360 f8fa329a81404c4d5392c285e50a5505

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1_ia64.deb
      Size/MD5 checksum:    27348 6f32e2cb005ffe56e2803b860e0e4d74
    http://security.debian.org/pool/updates/main/g/gftp/gftp-common_2.0.11-1woody1_ia64.deb
      Size/MD5 checksum:   234044 a2c3ff641d7b2e880456f1a8868b33fe
    http://security.debian.org/pool/updates/main/g/gftp/gftp-gtk_2.0.11-1woody1_ia64.deb
      Size/MD5 checksum:   299582 b7c2e1ea7228f461235666d932361551
    http://security.debian.org/pool/updates/main/g/gftp/gftp-text_2.0.11-1woody1_ia64.deb
      Size/MD5 checksum:   110640 26995f700b8389fd9aad5b368f5faf7c

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1_hppa.deb
      Size/MD5 checksum:    27358 07b2d426543fd686ad3380e8bcd4805f
    http://security.debian.org/pool/updates/main/g/gftp/gftp-common_2.0.11-1woody1_hppa.deb
      Size/MD5 checksum:   234094 322189d295ba47c91d2061309fa6a9fa
    http://security.debian.org/pool/updates/main/g/gftp/gftp-gtk_2.0.11-1woody1_hppa.deb
      Size/MD5 checksum:   242482 44bb85b863ae217f2575835877041d4a
    http://security.debian.org/pool/updates/main/g/gftp/gftp-text_2.0.11-1woody1_hppa.deb
      Size/MD5 checksum:    82608 e31d810b73f571088cc837958d7a2796

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1_m68k.deb
      Size/MD5 checksum:    27358 faf8af474984da98e9d6f98f0918a261
    http://security.debian.org/pool/updates/main/g/gftp/gftp-common_2.0.11-1woody1_m68k.deb
      Size/MD5 checksum:   234106 a8b2e05b710887903feed817016f5f97
    http://security.debian.org/pool/updates/main/g/gftp/gftp-gtk_2.0.11-1woody1_m68k.deb
      Size/MD5 checksum:   210554 7a532d25cb6840e69f97647b08d619c0
    http://security.debian.org/pool/updates/main/g/gftp/gftp-text_2.0.11-1woody1_m68k.deb
      Size/MD5 checksum:    64032 983b93b4e2aac1922e97a193220e18d4

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1_mips.deb
      Size/MD5 checksum:    27362 103f10d9ae47826ee1957d14d556a46f
    http://security.debian.org/pool/updates/main/g/gftp/gftp-common_2.0.11-1woody1_mips.deb
      Size/MD5 checksum:   234114 0667ca7e24f987e6002955093df95537
    http://security.debian.org/pool/updates/main/g/gftp/gftp-gtk_2.0.11-1woody1_mips.deb
      Size/MD5 checksum:   224722 0bdb6399f56a1cc4819c3ab883a53a68
    http://security.debian.org/pool/updates/main/g/gftp/gftp-text_2.0.11-1woody1_mips.deb
      Size/MD5 checksum:    77184 26288b5af19513a0cf09bd82ca7b9336

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1_mipsel.deb
      Size/MD5 checksum:    27372 43c94486400ca12254c554cb4650fe01
    http://security.debian.org/pool/updates/main/g/gftp/gftp-common_2.0.11-1woody1_mipsel.deb
      Size/MD5 checksum:   234188 94df73bb1fe62d21a665ee80380db772
    http://security.debian.org/pool/updates/main/g/gftp/gftp-gtk_2.0.11-1woody1_mipsel.deb
      Size/MD5 checksum:   224648 210416ce87866bab58f2b2c390f52ece
    http://security.debian.org/pool/updates/main/g/gftp/gftp-text_2.0.11-1woody1_mipsel.deb
      Size/MD5 checksum:    77994 e1803d086deb47d61f2f79b62e22913e

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1_powerpc.deb
      Size/MD5 checksum:    27356 6426c00ec3364f72f0ec9481e5e89bb5
    http://security.debian.org/pool/updates/main/g/gftp/gftp-common_2.0.11-1woody1_powerpc.deb
      Size/MD5 checksum:   234082 35a1396d45c42ee5b34045c23ae34b05
    http://security.debian.org/pool/updates/main/g/gftp/gftp-gtk_2.0.11-1woody1_powerpc.deb
      Size/MD5 checksum:   227890 8fb52949c02dc3c8a8bf39c86814da9b
    http://security.debian.org/pool/updates/main/g/gftp/gftp-text_2.0.11-1woody1_powerpc.deb
      Size/MD5 checksum:    73356 8eba2f163e75f0716879c0320442c246

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1_s390.deb
      Size/MD5 checksum:    27352 6e71f2937c2db84ed950583237308504
    http://security.debian.org/pool/updates/main/g/gftp/gftp-common_2.0.11-1woody1_s390.deb
      Size/MD5 checksum:   234104 85637cf1e6794969be0cc35b6478f95b
    http://security.debian.org/pool/updates/main/g/gftp/gftp-gtk_2.0.11-1woody1_s390.deb
      Size/MD5 checksum:   219246 1f4647d19f593d958c5653e1a6515c2d
    http://security.debian.org/pool/updates/main/g/gftp/gftp-text_2.0.11-1woody1_s390.deb
      Size/MD5 checksum:    68090 f0a4483365820c67a7d875b21bc81734

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/g/gftp/gftp_2.0.11-1woody1_sparc.deb
      Size/MD5 checksum:    27356 f734ad981e036daed46044b6bd12f236
    http://security.debian.org/pool/updates/main/g/gftp/gftp-common_2.0.11-1woody1_sparc.deb
      Size/MD5 checksum:   234102 4d9c016c8daefd7b20aefa37a193a6ce
    http://security.debian.org/pool/updates/main/g/gftp/gftp-gtk_2.0.11-1woody1_sparc.deb
      Size/MD5 checksum:   226774 e04c114438c2788155e43c6c32eb4683
    http://security.debian.org/pool/updates/main/g/gftp/gftp-text_2.0.11-1woody1_sparc.deb
      Size/MD5 checksum:    74910 88a25c71729495ccbebaf4c98eee102d


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFCFL8EW5ql+IAeqTIRAh86AJsG09wTgBE2liWU749noFHntWaHTACfeFfr
bpWjExuQyO+zj3bqzOnvl2E=
=Lbsq
-----END PGP SIGNATURE-----


-- 
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC