SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (File Transfer/Sharing)  >   gFTP Vendors:   Masney, Brian
(Red Hat Issues Fix) gFTP Input Validation Error Lets Remote Servers Specify the File Path on Requested Files
SecurityTracker Alert ID:  1014180
SecurityTracker URL:  http://securitytracker.com/id/1014180
CVE Reference:   CVE-2005-0372   (Links to External Site)
Date:  Jun 13 2005
Impact:   Modification of system information, Modification of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 2.0.18
Description:   A vulnerability was reported in gFTP. A remote server can cause retrieved files to be written to alternate locations.

An FTP server can return a specially crafted file path in response to an FTP GET request to cause the requested file to be written to a location on the target system that is specified by the connected FTP server.

Impact:   A remote server can cause retrieved files to be written to alternate locations on the target system with the privileges of the target user.
Solution:   Red Hat has released a fix.

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/gftp-2.0.8-5.src.rpm
9ad04edd854e04b291b8ad13cdbb1329 gftp-2.0.8-5.src.rpm

i386:
43668a3d9304b5bd3e1c10089e0d1aad gftp-2.0.8-5.i386.rpm

ia64:
f6d35d6320d0c829994dfbfd2059acd8 gftp-2.0.8-5.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/gftp-2.0.8-5.src.rpm
9ad04edd854e04b291b8ad13cdbb1329 gftp-2.0.8-5.src.rpm

ia64:
f6d35d6320d0c829994dfbfd2059acd8 gftp-2.0.8-5.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/gftp-2.0.8-5.src.rpm
9ad04edd854e04b291b8ad13cdbb1329 gftp-2.0.8-5.src.rpm

i386:
43668a3d9304b5bd3e1c10089e0d1aad gftp-2.0.8-5.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/gftp-2.0.8-5.src.rpm
9ad04edd854e04b291b8ad13cdbb1329 gftp-2.0.8-5.src.rpm

i386:
43668a3d9304b5bd3e1c10089e0d1aad gftp-2.0.8-5.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/gftp-2.0.14-4.src.rpm
b1f1c96f874c88ca7876bd4b89ea84d8 gftp-2.0.14-4.src.rpm

i386:
d70901a39c11289a7062f74bbddbbf47 gftp-2.0.14-4.i386.rpm

ia64:
25b3c26a26f2ff5f7da7398c76cf1a62 gftp-2.0.14-4.ia64.rpm

ppc:
e8bd14e811c5f61980523908488f517f gftp-2.0.14-4.ppc.rpm

s390:
0c41a94c255a367ca689550da2fc3f61 gftp-2.0.14-4.s390.rpm

s390x:
8d5cd4377701caf95823a616cdaccb01 gftp-2.0.14-4.s390x.rpm

x86_64:
4f4d275023718ad3999cd454f55ab3ca gftp-2.0.14-4.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/gftp-2.0.14-4.src.rpm
b1f1c96f874c88ca7876bd4b89ea84d8 gftp-2.0.14-4.src.rpm

i386:
d70901a39c11289a7062f74bbddbbf47 gftp-2.0.14-4.i386.rpm

x86_64:
4f4d275023718ad3999cd454f55ab3ca gftp-2.0.14-4.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/gftp-2.0.14-4.src.rpm
b1f1c96f874c88ca7876bd4b89ea84d8 gftp-2.0.14-4.src.rpm

i386:
d70901a39c11289a7062f74bbddbbf47 gftp-2.0.14-4.i386.rpm

ia64:
25b3c26a26f2ff5f7da7398c76cf1a62 gftp-2.0.14-4.ia64.rpm

x86_64:
4f4d275023718ad3999cd454f55ab3ca gftp-2.0.14-4.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/gftp-2.0.14-4.src.rpm
b1f1c96f874c88ca7876bd4b89ea84d8 gftp-2.0.14-4.src.rpm

i386:
d70901a39c11289a7062f74bbddbbf47 gftp-2.0.14-4.i386.rpm

ia64:
25b3c26a26f2ff5f7da7398c76cf1a62 gftp-2.0.14-4.ia64.rpm

x86_64:
4f4d275023718ad3999cd454f55ab3ca gftp-2.0.14-4.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/gftp-2.0.17-5.src.rpm
33d5e9f32fd24288b45d621e02daa0f5 gftp-2.0.17-5.src.rpm

i386:
9e9c8b22418ac80d805a43e0d6530fc6 gftp-2.0.17-5.i386.rpm

ia64:
60fbcc6fd5db5d4b468c680d89b52cf3 gftp-2.0.17-5.ia64.rpm

ppc:
f406c09280eac463ce88e5126bb06715 gftp-2.0.17-5.ppc.rpm

s390:
2c7593bcd854a18c2ee08c15c59c8459 gftp-2.0.17-5.s390.rpm

s390x:
d8956d0266bad37b28a7cba9a1ef636f gftp-2.0.17-5.s390x.rpm

x86_64:
4718135258fd4a5334f6de3516972ae6 gftp-2.0.17-5.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/gftp-2.0.17-5.src.rpm
33d5e9f32fd24288b45d621e02daa0f5 gftp-2.0.17-5.src.rpm

i386:
9e9c8b22418ac80d805a43e0d6530fc6 gftp-2.0.17-5.i386.rpm

x86_64:
4718135258fd4a5334f6de3516972ae6 gftp-2.0.17-5.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/gftp-2.0.17-5.src.rpm
33d5e9f32fd24288b45d621e02daa0f5 gftp-2.0.17-5.src.rpm

i386:
9e9c8b22418ac80d805a43e0d6530fc6 gftp-2.0.17-5.i386.rpm

ia64:
60fbcc6fd5db5d4b468c680d89b52cf3 gftp-2.0.17-5.ia64.rpm

x86_64:
4718135258fd4a5334f6de3516972ae6 gftp-2.0.17-5.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/gftp-2.0.17-5.src.rpm
33d5e9f32fd24288b45d621e02daa0f5 gftp-2.0.17-5.src.rpm

i386:
9e9c8b22418ac80d805a43e0d6530fc6 gftp-2.0.17-5.i386.rpm

ia64:
60fbcc6fd5db5d4b468c680d89b52cf3 gftp-2.0.17-5.ia64.rpm

x86_64:
4718135258fd4a5334f6de3516972ae6 gftp-2.0.17-5.x86_64.rpm

Vendor URL:  www.gftp.org/ (Links to External Site)
Cause:   Input validation error
Underlying OS:  Linux (Red Hat Enterprise)
Underlying OS Comments:  2.1, 3, 4

Message History:   This archive entry is a follow-up to the message listed below.
Feb 14 2005 gFTP Input Validation Error Lets Remote Servers Specify the File Path on Requested Files



 Source Message Contents

Subject:  [RHSA-2005:410-01] Moderate: gftp security update


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Moderate: gftp security update
Advisory ID:       RHSA-2005:410-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2005-410.html
Issue date:        2005-06-13
Updated on:        2005-06-13
Product:           Red Hat Enterprise Linux
CVE Names:         CAN-2005-0372
- ---------------------------------------------------------------------

1. Summary:

An updated gFTP package that fixes a directory traversal issue is now
available.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

gFTP is a multi-threaded FTP client for the X Window System.

A directory traversal bug was found in gFTP. If a user can be tricked into
downloading a file from a malicious ftp server, it is possible to overwrite
arbitrary files owned by the victim. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2005-0372 to
this issue.

Users of gftp should upgrade to this updated package, which contains a
backported fix for this issue.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  Use Red Hat
Network to download and update your packages.  To launch the Red Hat
Update Agent, use the following command:

    up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

    http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

149109 - CAN-2005-0372 directory traversal issue in gftp


6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/gftp-2.0.8-5.src.rpm
9ad04edd854e04b291b8ad13cdbb1329  gftp-2.0.8-5.src.rpm

i386:
43668a3d9304b5bd3e1c10089e0d1aad  gftp-2.0.8-5.i386.rpm

ia64:
f6d35d6320d0c829994dfbfd2059acd8  gftp-2.0.8-5.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/gftp-2.0.8-5.src.rpm
9ad04edd854e04b291b8ad13cdbb1329  gftp-2.0.8-5.src.rpm

ia64:
f6d35d6320d0c829994dfbfd2059acd8  gftp-2.0.8-5.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/gftp-2.0.8-5.src.rpm
9ad04edd854e04b291b8ad13cdbb1329  gftp-2.0.8-5.src.rpm

i386:
43668a3d9304b5bd3e1c10089e0d1aad  gftp-2.0.8-5.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/gftp-2.0.8-5.src.rpm
9ad04edd854e04b291b8ad13cdbb1329  gftp-2.0.8-5.src.rpm

i386:
43668a3d9304b5bd3e1c10089e0d1aad  gftp-2.0.8-5.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/gftp-2.0.14-4.src.rpm
b1f1c96f874c88ca7876bd4b89ea84d8  gftp-2.0.14-4.src.rpm

i386:
d70901a39c11289a7062f74bbddbbf47  gftp-2.0.14-4.i386.rpm

ia64:
25b3c26a26f2ff5f7da7398c76cf1a62  gftp-2.0.14-4.ia64.rpm

ppc:
e8bd14e811c5f61980523908488f517f  gftp-2.0.14-4.ppc.rpm

s390:
0c41a94c255a367ca689550da2fc3f61  gftp-2.0.14-4.s390.rpm

s390x:
8d5cd4377701caf95823a616cdaccb01  gftp-2.0.14-4.s390x.rpm

x86_64:
4f4d275023718ad3999cd454f55ab3ca  gftp-2.0.14-4.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/gftp-2.0.14-4.src.rpm
b1f1c96f874c88ca7876bd4b89ea84d8  gftp-2.0.14-4.src.rpm

i386:
d70901a39c11289a7062f74bbddbbf47  gftp-2.0.14-4.i386.rpm

x86_64:
4f4d275023718ad3999cd454f55ab3ca  gftp-2.0.14-4.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/gftp-2.0.14-4.src.rpm
b1f1c96f874c88ca7876bd4b89ea84d8  gftp-2.0.14-4.src.rpm

i386:
d70901a39c11289a7062f74bbddbbf47  gftp-2.0.14-4.i386.rpm

ia64:
25b3c26a26f2ff5f7da7398c76cf1a62  gftp-2.0.14-4.ia64.rpm

x86_64:
4f4d275023718ad3999cd454f55ab3ca  gftp-2.0.14-4.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/gftp-2.0.14-4.src.rpm
b1f1c96f874c88ca7876bd4b89ea84d8  gftp-2.0.14-4.src.rpm

i386:
d70901a39c11289a7062f74bbddbbf47  gftp-2.0.14-4.i386.rpm

ia64:
25b3c26a26f2ff5f7da7398c76cf1a62  gftp-2.0.14-4.ia64.rpm

x86_64:
4f4d275023718ad3999cd454f55ab3ca  gftp-2.0.14-4.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/gftp-2.0.17-5.src.rpm
33d5e9f32fd24288b45d621e02daa0f5  gftp-2.0.17-5.src.rpm

i386:
9e9c8b22418ac80d805a43e0d6530fc6  gftp-2.0.17-5.i386.rpm

ia64:
60fbcc6fd5db5d4b468c680d89b52cf3  gftp-2.0.17-5.ia64.rpm

ppc:
f406c09280eac463ce88e5126bb06715  gftp-2.0.17-5.ppc.rpm

s390:
2c7593bcd854a18c2ee08c15c59c8459  gftp-2.0.17-5.s390.rpm

s390x:
d8956d0266bad37b28a7cba9a1ef636f  gftp-2.0.17-5.s390x.rpm

x86_64:
4718135258fd4a5334f6de3516972ae6  gftp-2.0.17-5.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/gftp-2.0.17-5.src.rpm
33d5e9f32fd24288b45d621e02daa0f5  gftp-2.0.17-5.src.rpm

i386:
9e9c8b22418ac80d805a43e0d6530fc6  gftp-2.0.17-5.i386.rpm

x86_64:
4718135258fd4a5334f6de3516972ae6  gftp-2.0.17-5.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/gftp-2.0.17-5.src.rpm
33d5e9f32fd24288b45d621e02daa0f5  gftp-2.0.17-5.src.rpm

i386:
9e9c8b22418ac80d805a43e0d6530fc6  gftp-2.0.17-5.i386.rpm

ia64:
60fbcc6fd5db5d4b468c680d89b52cf3  gftp-2.0.17-5.ia64.rpm

x86_64:
4718135258fd4a5334f6de3516972ae6  gftp-2.0.17-5.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/gftp-2.0.17-5.src.rpm
33d5e9f32fd24288b45d621e02daa0f5  gftp-2.0.17-5.src.rpm

i386:
9e9c8b22418ac80d805a43e0d6530fc6  gftp-2.0.17-5.i386.rpm

ia64:
60fbcc6fd5db5d4b468c680d89b52cf3  gftp-2.0.17-5.ia64.rpm

x86_64:
4718135258fd4a5334f6de3516972ae6  gftp-2.0.17-5.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0372

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFCrX3YXlSAg2UNWIIRAh/aAKC6hnG0gAetBDrjGz+ayC2fjCld9wCgotsf
GoHq9L1/5EsqKzCmk7/Snbg=
=+9EW
-----END PGP SIGNATURE-----


-- 
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC