Atomic Secure Linux

All times are UTC - 5 hours [ DST ]




 Post subject: [atomic] psa-proftpd 1.3.3c
Posted: Tue Nov 02, 2010 12:16 pm
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 7935
Location: earth
This is duplicated from the ASL 2.0 repo.

http://www.atomicorp.com/news/security-update.html

Atomicorp Security Advisory

Level: Moderate to High



This is an important security update for psa-proftpd. Versions from 1.2.10rc1 to 1.3.3b are vulnerable to certain classes of attack that would allow a malicious user to:

* create a directory located outside the writable directory
* delete a directory located outside the writable directory
* create a symlink located outside the writable directory
* change the time of a file located outside the writable directory

It is highly recommended that psa-proftpd users upgrade to 1.3.3c at their earliest opportunity.

Changelog:

- Update to version 1.3.3c

To upgrade:

yum upgrade psa-proftpd

Credits: We would like to thank BruceLee for bringing this issue to our attention, and the proftpd team for their rapid response in resolving this issue.
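
An added example (not part of the original advisory or Atomicorp's tooling): a shell check that classifies a ProFTPD version string against the affected range stated above, 1.2.10rc1 through 1.3.3b. It assumes ProFTPD's release ordering (rcN before the plain release, lettered maintenance releases after it); the function names are illustrative.

```shell
#!/bin/sh
# Added example. Affected range taken from the advisory:
# 1.2.10rc1 through 1.3.3b inclusive; 1.3.3c is the fixed release.

# Map a ProFTPD version to a fixed-width numeric key that sorts in release
# order: 1.3.3rc1 < 1.3.3 < 1.3.3a < 1.3.3b < 1.3.3c.
proftpd_key() {
    printf '%s\n' "$1" |
        grep -Eq '^[0-9]+\.[0-9]+\.[0-9]+(rc[0-9]+|[a-z])?$' || return 1
    nums=${1%%[a-z]*}       # numeric part, e.g. "1.3.3"
    suffix=${1#"$nums"}     # "", "rcN" or a single letter
    case $suffix in
        '')  stage=1; sub=0 ;;                          # plain release
        rc*) stage=0; sub=${suffix#rc} ;;               # release candidate
        *)   stage=2; sub=$(printf '%d' "'$suffix") ;;  # maintenance letter
    esac
    old_ifs=$IFS; IFS=.
    set -- $nums
    IFS=$old_ifs
    # Numbers with leading zeros make printf fail; callers treat that as unknown.
    printf '%03d%03d%03d%d%03d\n' "$1" "$2" "$3" "$stage" "$sub" 2>/dev/null
}

# Print "affected", "not-affected" or "unknown" for one version string.
proftpd_status() {
    k=$(proftpd_key "$1") || { echo unknown; return 0; }
    lo=$(proftpd_key 1.2.10rc1)
    hi=$(proftpd_key 1.3.3b)
    # In range when lo <= k <= hi, i.e. the three keys are already sorted.
    if printf '%s\n' "$lo" "$k" "$hi" | LC_ALL=C sort -c 2>/dev/null; then
        echo affected
    else
        echo not-affected
    fi
}

# Constructed sample versions. On a real host, pass the installed version,
# e.g. "$(rpm -q --qf '%{VERSION}' psa-proftpd)" (assumption: the RPM
# version field carries the upstream ProFTPD version string).
for v in 1.2.9 1.2.10rc1 1.3.3 1.3.3b 1.3.3c; do
    printf '%-10s %s\n' "$v" "$(proftpd_status "$v")"
done
```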


 
 Post subject: Re: [atomic] psa-proftpd 1.3.3c
Posted: Wed Nov 03, 2010 4:54 am
Forum Regular

Joined: Sat Mar 28, 2009 6:58 pm
Posts: 865
Location: Germany
Thanks Scott for providing the fix so quickly.


 
 Post subject: Re: [atomic] psa-proftpd 1.3.3c
Posted: Wed Nov 03, 2010 4:13 pm
Long Time Forum Regular

Joined: Thu Dec 09, 2004 11:19 am
Posts: 2079
Yes, this could have been a really bad problem. I'm really glad it is solved -- thanks Scott!!!



 
 Post subject: Re: [atomic] psa-proftpd 1.3.3c
Posted: Wed Nov 03, 2010 4:16 pm
Atomicorp Staff - Site Admin

Joined: Thu Feb 07, 2008 7:49 pm
Posts: 3656
Location: Chantilly, VA
If this vuln was actually against chroot then the ASL kernel would stop this vuln. ASL chroots are more like jails; it's pretty hard to escape from them, so if they actually called the chroot function you're safe - if they use their own non-kernel-enforced faux-chroot-like thing, well yeah, they have a hole. :-)

_________________
Michael Shinn
Atomicorp - Security For Everyone

Co-Author of Troubleshooting Linux Firewalls.


 
 Post subject: Re: [atomic] psa-proftpd 1.3.3c
Posted: Mon Nov 08, 2010 6:08 am
Forum User

Joined: Fri Aug 21, 2009 12:28 pm
Posts: 34
If I install it I get an error, ECONNREFUSED, and I cannot connect to my FTP server.


 
 Post subject: Re: [atomic] psa-proftpd 1.3.3c
Posted: Mon Nov 08, 2010 10:51 am
Atomicorp Staff - Site Admin

Joined: Thu Feb 07, 2008 7:49 pm
Posts: 3656
Location: Chantilly, VA
What's in your system logs? And are you running ASL?

_________________
Michael Shinn
Atomicorp - Security For Everyone

Co-Author of Troubleshooting Linux Firewalls.


 
 Post subject: Re: [atomic] psa-proftpd 1.3.3c
Posted: Mon Nov 08, 2010 10:54 am
Forum User

Joined: Fri Aug 21, 2009 12:28 pm
Posts: 34
I'm not running ASL, but when I update this service I cannot connect to my FTP.

I use Plesk.

Where can I see the log?


 
 Post subject: Re: [atomic] psa-proftpd 1.3.3c
Posted: Mon Nov 08, 2010 11:20 am
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 7935
Location: earth
/var/log/secure and /var/log/messages are good places to start.


 
 Post subject: Re: [atomic] psa-proftpd 1.3.3c
Posted: Mon Nov 08, 2010 1:18 pm
Forum User

Joined: Fri Aug 21, 2009 12:28 pm
Posts: 34
This is the FileZilla log:
Stato: Connessione a ******:21...
Stato: Tentativo di connessione non riuscito con "ECONNREFUSED - Connection refused by server".
Errore: Impossibile collegarsi al server

In /var/log/messages and in /var/log/secure I do not have logs for FTP.


Last edited by camaran on Mon Nov 08, 2010 3:54 pm, edited 1 time in total.

 
 Post subject: Re: [atomic] psa-proftpd 1.3.3c
Posted: Mon Nov 08, 2010 3:35 pm
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 7935
Location: earth
I'm not sure what that's saying there; think you could translate that to English for me?


 
 Post subject: Re: [atomic] psa-proftpd 1.3.3c
Posted: Mon Nov 08, 2010 3:55 pm
Forum User

Joined: Fri Aug 21, 2009 12:28 pm
Posts: 34
scott wrote:
I'm not sure what that's saying there; think you could translate that to English for me?

Done


 
 Post subject: Re: [atomic] psa-proftpd 1.3.3c
Posted: Mon Nov 08, 2010 6:27 pm
Forum User

Joined: Sun Nov 07, 2010 7:22 pm
Posts: 5
Same thing for me: yum update on a fresh server with Plesk 10.0.1 and now FTP doesn't work. I have proftpd 1.3.3c installed.

ftp localhost gives connection refused. Nothing logged in messages or secure... also proftpd.conf was wiped. Copied proftpd.conf from another Plesk server but still not working.

Any ideas?
Thanks for any help.


 
 Post subject: Re: [atomic] psa-proftpd 1.3.3c
Posted: Mon Nov 08, 2010 6:42 pm
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 7935
Location: earth
You know, I think breun probably figured this one out: you have to re-install the Plesk xinetd package, whose name escapes me at the moment.


 
 Post subject: Re: [atomic] psa-proftpd 1.3.3c
Posted: Wed Nov 10, 2010 12:36 pm
Forum Regular

Joined: Sat Mar 28, 2009 6:58 pm
Posts: 865
Location: Germany
Didn't take long and there they go:
212.xxx.xxx.xxx (85.xxx.xxx.xxx[85.xxx.xxx.xxx]) - client sent too-long command, ignoring

Thanks to Atomicorp we are safe from attacks concerning that vulnerability :)


 
 Post subject: Re: [atomic] psa-proftpd 1.3.3c
Posted: Wed Nov 10, 2010 12:42 pm
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 7935
Location: earth
Also, I put out an update yesterday that should integrate with Plesk 10. It merges in the xinetd package from Plesk 9.

