ID CVE-2013-4359
Summary Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 allows remote attackers to cause a denial of service (memory consumption) via a large response count value in an authentication request, which triggers a large memory allocation.
References
Vulnerable Configurations
  • ProFTPD 1.3.5 release candidate 3
    cpe:2.3:a:proftpd:proftpd:1.3.5:rc3
  • ProFTPD 1.3.4d
    cpe:2.3:a:proftpd:proftpd:1.3.4:d
CVSS
Base: 5.0 (as of 01-10-2013 - 05:27)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2013-245.NASL
    description A vulnerability has been discovered and corrected in proftpd : Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 allows remote attackers to cause a denial of service (memory consumption) via a large response count value in an authentication request, which triggers a large memory allocation (CVE-2013-4359). The updated packages have been patched to correct this issue.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 70300
    published 2013-10-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70300
    title Mandriva Linux Security Advisory : proftpd (MDVSA-2013:245)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2015-410.NASL
    description The ftp server ProFTPD was updated to 1.3.5a to fix one security issue. The following vulnerability was fixed : - CVE-2015-3306: Unauthenticated copying of files via SITE CPFR/CPTO allowed by mod_copy (boo#927290) In addition, proftpd was updated to 1.3.5a to fix a number of upstream bugs and improve functionality.
    last seen 2019-02-21
    modified 2015-11-16
    plugin id 84134
    published 2015-06-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=84134
    title openSUSE Security Update : proftpd (openSUSE-2015-410)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2013-778.NASL
    description proftpd was updated to 1.3.4d. - Fixed broken build when using --disable-ipv6 configure option - Fixed mod_sql 'SQLAuthType Backend' MySQL issues - fix for bnc#843444 (CVE-2013-4359) - http://bugs.proftpd.org/show_bug.cgi?id=3973 - add proftpd-sftp-kbdint-max-responses-bug3973.patch - Improve systemd service file - use upstream tmpfiles.d file. related to [bnc#811793] - Use /run instead of /var/run - update to 1.3.4c - Added Spanish translation. - Fixed several mod_sftp issues, including SFTPPassPhraseProvider, handling of symlinks for REALPATH requests, and response code logging. - Fixed symlink race for creating directories when UserOwner is in effect. - Increased performance of FTP directory listings. - rebase and rename patches (remove version string) - proftpd-1.3.4a-dist.patch -> proftpd-dist.patch - proftpd-1.3.4a-ftpasswd.patch -> proftpd-ftpasswd.patch - proftpd-1.3.4a-strip.patch -> proftpd-strip.patch - fix proftpd.conf (rebase basic.conf patch) - IdentLookups is now a separate module IdentLookups on/off is needed and module is not built cause crrodriguez disabled it. - fix for bnc#787884 (https://bugzilla.novell.com/show_bug.cgi?id=787884) - added extra Source proftpd.conf.tmpfile - Disable ident lookups, this protocol is totally obsolete and dangerous. (add --disable-ident) - Fix debug info generation ( add --disable-strip) - Add systemd unit - update to 1.3.4b + Fixed mod_ldap segfault on login when LDAPUsers with no filters used. + Fixed sporadic SFTP upload issues for large files. + Fixed SSH2 handling for some clients (e.g. OpenVMS). + New FactsOptions directive; see doc/modules/mod_facts.html#FactsOptions + Fixed build errors on Tru64, AIX, Cygwin. - add Source Signatuire (.asc) file - add noBuildDate patch - add lang pkg - --enable-nls - add configure option - --enable-openssl, --with-lastlog
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 75173
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75173
    title openSUSE Security Update : proftpd (openSUSE-SU-2013:1563-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2767.NASL
    description Kingcope discovered that the mod_sftp and mod_sftp_pam modules of proftpd, a powerful modular FTP/SFTP/FTPS server, are not properly validating input, before making pool allocations. An attacker can use this flaw to conduct denial of service attacks against the system running proftpd (resource exhaustion).
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 70201
    published 2013-09-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70201
    title Debian DSA-2767-1 : proftpd-dfsg - denial of service
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201309-15.NASL
    description The remote host is affected by the vulnerability described in GLSA-201309-15 (ProFTPD: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in ProFTPD. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could possibly execute arbitrary code with the privileges of the process, perform man-in-the-middle attacks to spoof arbitrary SSL servers, cause a Denial of Service condition, or read and modify arbitrary files. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 70111
    published 2013-09-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70111
    title GLSA-201309-15 : ProFTPD: Multiple vulnerabilities
  • NASL family FTP
    NASL id PROFTPD_1_3_5_RC4.NASL
    description The remote host is using ProFTPD, a free FTP server for Unix and Linux. According to its banner, the version of ProFTPD installed on the remote host is earlier than 1.3.5rc4 and is affected by a Denial of Service vulnerability in the mod_sftp_pam module.
    last seen 2019-02-21
    modified 2018-02-13
    plugin id 106754
    published 2018-02-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106754
    title ProFTPD 1.3.4d / 1.3.5rc3 Denial of Service
refmap via4
confirm http://bugs.proftpd.org/show_bug.cgi?id=3973
debian DSA-2767
misc http://kingcope.wordpress.com/2013/09/11/proftpd-mod_sftpmod_sftp_pam-invalid-pool-allocation-in-kbdint-authentication/
mlist [oss-security] 20130916 Re: CVE request: proftpd: mod_sftp/mod_sftp_pam invalid pool allocation during kbdint authentication
suse
  • openSUSE-SU-2013:1563
  • openSUSE-SU-2015:1031
Last major update 30-12-2016 - 21:59
Published 30-09-2013 - 17:55
Back to Top