SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (File Transfer/Sharing)  >   FTP (Generic) Vendors:   Apple
Apple FTPServer Lets Remote Authenticated Users Traverse the Directory
SecurityTracker Alert ID:  1017990
SecurityTracker URL:  http://securitytracker.com/id/1017990
CVE Reference:   CVE-2007-0745   (Links to External Site)
Date:  May 1 2007
Impact:   Disclosure of system information, Disclosure of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Server version 10.4.9 with Security Update 2007-004 applied
Description:   A vulnerability was reported in Apple FTPServer. A remote authenticated user can access directories on the target system.

A remote authenticated user can navigate to directories on the target system that are located outside of the FTP directory.

This vulnerability was introduced by Security Update 2007-004, which applied an incorrect ftp configuration file for Mac OS X Server v10.4.9 systems.

Impact:   A remote authenticated user can access directories on the target system located outside of the FTP directory.
Solution:   The vendor has issued a fix (Security Update 2007-004 v1.1), available from the Software Update pane in System Preferences, or Apple's Software Downloads web site at:

http://www.apple.com/support/downloads/

For Mac OS X v10.4.9 (PowerPC) and Mac OS X Server v10.4.9 (PowerPC)
The download file is named: "SecUpd2007-004Ti.dmg"
Its SHA-1 digest is: 60319316b3eba0de37f7ea747e59decfafe1ea81

For Mac OS X v10.4.9 (Universal) and
Mac OS X Server v10.4.9 (Universal)
The download file is named: "SecUpd2007-004Univ.dmg"
Its SHA-1 digest is: fb6ec6a7d8729bd21d1431192ecb7665e9fd2b80

For Mac OS X v10.3.9
The download file is named: "SecUpd2007-004Pan.dmg"
Its SHA-1 digest is: 39b9be13a82ea546f18ff4958cfd69b0d37947e8

Mac OS X v10.4.9 (client) and Mac OS X Server v10.3.9 systems that have Security Update 2007-004 do not require Security Update 2007-004 v1.1. Because Mac OS X v10.4.9 (client) and Mac OS X Server v10.3.9 systems that have Security Update 2007-004 are not vulnerable, the Software Update utility will not display Security Update 2007-004 v1.1 for those systems.

The Apple advisory is available at:

http://docs.info.apple.com/article.html?artnum=305445

Cause:   Configuration error
Underlying OS:  UNIX (macOS/OS X)

Message History:   None.


 Source Message Contents

Subject:  APPLE-SA-2007-05-01 Security Update 2007-004 v1.1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2007-05-01 Security Update 2007-004 v1.1

Security Update 2007-004 v1.1 is now available. It includes the
contents of Security Update 2007-004, plus the following fixes:

AirPort
Available for: Mac OS X v10.3.9
This update corrects an issue where the AirPort connection may
be lost after waking from sleep. This issue only affects
Mac OS X v10.3.9 (client) with Security Update 2007-004.

FTPServer
CVE-ID: CVE-2007-0745
Available for: Mac OS X Server v10.4.9
Impact: Users with ftp access may be able to navigate to directories
outside the normal scope
Description: Security Update 2007-004 applied an incorrect ftp
configuration file for Mac OS X Server v10.4.9 systems. Users with
ftp access, who would normally be restricted to certain directories,
may be able to access directories outside the normal scope. This
update addresses the issue by restoring the correct version
of the ftp configuration file. This issue only affects
Mac OS X Server v10.4.9 with Security Update 2007-004.

Note:

Mac OS X v10.4.9 (client) and Mac OS X Server v10.3.9 systems that
have installed Security Update 2007-004 do not require Security
Update 2007-004 v1.1. If the security update has not yet been
installed on these systems, then they should be updated using
Security Update 2007-004 v1.1.

Since Mac OS X v10.4.9 (client) and Mac OS X Server v10.3.9 systems
that have already installed Security Update 2007-004 are not
affected, the Software Update utility will not display Security
Update 2007-004 v1.1 for these systems.


Security Update 2007-004 v1.1 may be obtained from the Software
Update pane in System Preferences, or Apple's Software Downloads web
site: http://www.apple.com/support/downloads/

For Mac OS X v10.4.9 (PowerPC) and Mac OS X Server v10.4.9 (PowerPC)
The download file is named:  "SecUpd2007-004Ti.dmg"
Its SHA-1 digest is:  60319316b3eba0de37f7ea747e59decfafe1ea81

For Mac OS X v10.4.9 (Universal) and
Mac OS X Server v10.4.9 (Universal)
The download file is named:  "SecUpd2007-004Univ.dmg"
Its SHA-1 digest is:  fb6ec6a7d8729bd21d1431192ecb7665e9fd2b80

For Mac OS X v10.3.9
The download file is named:  "SecUpd2007-004Pan.dmg"
Its SHA-1 digest is:  39b9be13a82ea546f18ff4958cfd69b0d37947e8

Information will also be posted to the Apple Product Security
web site:
http://docs.info.apple.com/article.html?artnum=61798

This message is signed with Apple's Product Security PGP key,
and details are available at:
http://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.6 (Build 6060)

iQEVAwUBRjd3OImzP5/bU5rtAQiNoQgAuOdAF0Mf1S0TsVH7d4Fg6fgKq34HMQ3w
Unmd1dGx1PxXahSRcDoCfhxFlE+Eh5VLgC3lgrWhQ2WW5wXPA8xFbP6YjFelfwOo
ZDuykcEtDoTEPPUcrVVfh/cyGoYP7x7uGDzzvjH9qwFie6PtKjKcAf640aFBchfn
A7UXkQEGm6mZwvZ14lGbVxWHZ09vjbM5otZv60vy8u6p6l3XjntjSrKSK2d7aWqF
gHH/H8bxLbXhNL9kveXBsZTCK3TG3uJFJ90i+v63odTS6THHnl3mjm31Sx5DUF7g
im7OTXT94mCfWDVK8YEcNf/NH3GQmVnE7+oXlHbQ+f86PWOgvaEQ9g==
=hOXJ
-----END PGP SIGNATURE-----

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list      (Security-announce@lists.apple.com)
 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC