Details of VAR-201111-0112

ID

VAR-201111-0112

CVE

CVE-2011-3171

TITLE

pure-FTPd Directory traversal vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2011-002766

DESCRIPTION

Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly other versions, when running on SUSE Linux Enterprise Server and possibly other operating systems, when the Netware OES remote server feature is enabled, allows local users to overwrite arbitrary files via unknown vectors. Pure-FTPd is prone to a local file-overwrite vulnerability. A local attacker can exploit this issue overwrite certain files. This may aid in further attacks. ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: SUSE update for pure-ftpd SECUNIA ADVISORY ID: SA45943 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45943/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45943 RELEASE DATE: 2011-09-10 DISCUSS ADVISORY: http://secunia.com/advisories/45943/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45943/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45943 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for pure-ftpd. This fixes a vulnerability, which can be exploited by malicious, local users and malicious people to manipulate certain data. Input passed via the username during the authentication process is not properly sanitised before being used and can be exploited to create arbitrary directories via directory traversal sequences. SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:1028-1: http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00015.html SUSE-SU-2011:1029-1: http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00016.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.98

sources: NVD: CVE-2011-3171 // JVNDB: JVNDB-2011-002766 // BID: 49541 // PACKETSTORM: 104960

AFFECTED PRODUCTS

vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.96	Trust: 1.6
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.99	Trust: 1.6
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.98.1	Trust: 1.6
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.97-final	Trust: 1.6
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.96.1	Trust: 1.6
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.95.2	Trust: 1.6
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.98.2	Trust: 1.6
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.95.1	Trust: 1.6
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.90	Trust: 1.6
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.95	Trust: 1.6
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	1.0.3	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.97.4	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	1.0.21	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.97.3	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	1.0.10	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.98	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.92	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.97.6	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.99.3	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	1.0.4	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.98.6	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	1.0.16	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	1.0.9	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	1.0.18	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	1.0.14	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	1.0.20	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.99.9	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.97.7	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.97.1	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.99.4	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	1.0.6	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	1.0.13	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.98.7	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	1.0.15	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	lte	version:	1.0.22	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.94	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	1.0.7	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	1.0.11	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	1.0.1	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.99.1	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.93	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.98.4	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	1.0.0	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	1.0.17	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	1.0.8	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	1.0.2	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.99.2	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.97.5	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.97.2	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.98.3	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	1.0.19	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	1.0.5	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.97	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.91	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	1.0.12	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	0.98.5	Trust: 1.0
vendor:	pureftpd	model:	pure-ftpd	scope:	eq	version:	1.0.22	Trust: 0.8
vendor:	suse	model:	linux enterprise server sp1	scope:	eq	version:	11	Trust: 0.3
vendor:	suse	model:	linux enterprise server sp3	scope:	eq	version:	10	Trust: 0.3
vendor:	suse	model:	linux enterprise desktop 10.sp1	scope:	-	version:	-	Trust: 0.3
vendor:	suse	model:	linux enterprise desktop sp4	scope:	eq	version:	10	Trust: 0.3
vendor:	suse	model:	linux enterprise sp4	scope:	eq	version:	10	Trust: 0.3
vendor:	suse	model:	linux enterprise sp3	scope:	eq	version:	10	Trust: 0.3
vendor:	pure ftpd	model:	pure-ftpd for suse	scope:	eq	version:	0	Trust: 0.3

sources: BID: 49541 // JVNDB: JVNDB-2011-002766 // CNNVD: CNNVD-201109-132 // NVD: CVE-2011-3171

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2011-3171
value:	LOW
Trust: 1.0
NVD:	CVE-2011-3171
value:	LOW
Trust: 0.8
CNNVD:	CNNVD-201109-132
value:	LOW
Trust: 0.6

nvd@nist.gov:	CVE-2011-3171
severity:	LOW
baseScore:	3.6
vectorString:	AV:L/AC:L/AU:N/C:N/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8

sources: JVNDB: JVNDB-2011-002766 // CNNVD: CNNVD-201109-132 // NVD: CVE-2011-3171

PROBLEMTYPE DATA

problemtype:

CWE-22

Trust: 1.8

sources: JVNDB: JVNDB-2011-002766 // NVD: CVE-2011-3171

THREAT TYPE

local

Trust: 1.0

sources: BID: 49541 // PACKETSTORM: 104960 // CNNVD: CNNVD-201109-132

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-201109-132

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-002766

PATCH

title:

Top Page

url:

http://www.pureftpd.org/

Trust: 0.8

sources: JVNDB: JVNDB-2011-002766

EXTERNAL IDS

db:	NVD	id:	CVE-2011-3171	Trust: 2.7
db:	BID	id:	49541	Trust: 1.9
db:	JVNDB	id:	JVNDB-2011-002766	Trust: 0.8
db:	SECUNIA	id:	45943	Trust: 0.7
db:	XF	id:	69686	Trust: 0.6
db:	SUSE	id:	SUSE-SU-2011:1028	Trust: 0.6
db:	SUSE	id:	SUSE-SU-2011:1029	Trust: 0.6
db:	CNNVD	id:	CNNVD-201109-132	Trust: 0.6
db:	PACKETSTORM	id:	104960	Trust: 0.1

sources: BID: 49541 // JVNDB: JVNDB-2011-002766 // PACKETSTORM: 104960 // CNNVD: CNNVD-201109-132 // NVD: CVE-2011-3171

REFERENCES

url:	http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00016.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00015.html	Trust: 1.7
url:	http://www.securityfocus.com/bid/49541	Trust: 1.6
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/69686	Trust: 1.0
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3171	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3171	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/69686	Trust: 0.6
url:	http://secunia.com/advisories/45943	Trust: 0.6
url:	http://www.pureftpd.org/project/pure-ftpd	Trust: 0.3
url:	http://secunia.com/advisories/45943/#comments	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/corporate/trial/	Trust: 0.1
url:	http://secunia.com/vulnerability_intelligence/	Trust: 0.1
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=45943	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/personal/	Trust: 0.1
url:	http://secunia.com/advisories/45943/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1

sources: BID: 49541 // JVNDB: JVNDB-2011-002766 // PACKETSTORM: 104960 // CNNVD: CNNVD-201109-132 // NVD: CVE-2011-3171

CREDITS

This issue was disclosed in a SUSE advisory.

Trust: 0.3

sources: BID: 49541

SOURCES

db:	BID	id:	49541
db:	JVNDB	id:	JVNDB-2011-002766
db:	PACKETSTORM	id:	104960
db:	CNNVD	id:	CNNVD-201109-132
db:	NVD	id:	CVE-2011-3171

LAST UPDATE DATE

2024-11-23T22:14:10.784000+00:00

SOURCES UPDATE DATE

db:	BID	id:	49541	date:	2011-09-09T00:00:00
db:	JVNDB	id:	JVNDB-2011-002766	date:	2011-11-10T00:00:00
db:	CNNVD	id:	CNNVD-201109-132	date:	2011-09-14T00:00:00
db:	NVD	id:	CVE-2011-3171	date:	2024-11-21T01:29:53.840

SOURCES RELEASE DATE

db:	BID	id:	49541	date:	2011-09-09T00:00:00
db:	JVNDB	id:	JVNDB-2011-002766	date:	2011-11-10T00:00:00
db:	PACKETSTORM	id:	104960	date:	2011-09-09T04:39:44
db:	CNNVD	id:	CNNVD-201109-132	date:	2011-09-14T00:00:00
db:	NVD	id:	CVE-2011-3171	date:	2011-11-04T21:55:02.550