Detections
Analytics
ProFTPD 1.3.5a, 1.3.6rc1 Multiple Vulnerabilities
critical Log Correlation Engine Plugin ID 802012
Synopsis
The specific version of ProFTPD that the system is running is reportedly affected by multiple vulnerabilities.Description
The specific version of ProFTPD that the system is running is reportedly affected by the following vulnerabilities:- ProFTPD contains a flaw that may result in Diffie Hellman key exchanges using 1024 bits instead of the intended 4096 bits. This may result in them being significantly less cryptographically secure. (CVE-2016-3125)
- ProFTPD contains an out-of-bounds read flaw in the pr_fs_dircat() function in fsio.c that may allow a remote attacker to cause a crash or potentially disclose memory contents.
Solution
It has been reported that this has been fixed. Please refer to the product listing for upgraded versions that address this vulnerability.See Also
http://proftpd.org/docs/RELEASE_NOTES-1.3.5b
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818492
http://bugs.proftpd.org/show_bug.cgi?id=4230
https://security-tracker.debian.org/tracker/CVE-2016-3125
http://seclists.org/oss-sec/2016/q1/601
http://seclists.org/oss-sec/2016/q1/610
https://blog.fuzzing-project.org/40-Several-out-of-bounds-reads-in-ProFTPD.html
Plugin Details
Severity: Critical
ID: 802012
Family: FTP Servers
Published: 8/29/2016
Vulnerability Information
Patch Publication Date: 3/10/2016
Vulnerability Publication Date: 7/25/2015
Reference Information
CVE: CVE-2016-3125