Security: Integer overflow in ProFTPD
Name: Integer overflow in ProFTPD
ID: MDVSA-2013:245
Distribution: Mandriva
Platforms: Mandriva Enterprise Server 5.0, Mandriva Business Server 1.0
Date: Fri, October 4, 2013, 07:24
References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4359
Applications: ProFTPD

Original message


_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2013:245
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : proftpd
Date : October 3, 2013
Affected: Business Server 1.0, Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

A vulnerability has been discovered and corrected in proftpd:

Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and
1.3.5r3 allows remote attackers to cause a denial of service (memory
consumption) via a large response count value in an authentication
request, which triggers a large memory allocation (CVE-2013-4359).

The updated packages have been patched to correct this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4359
_______________________________________________________________________

Updated Packages:

_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/en/support/security/advisories/

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
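The Problem Description above comes down to a client-supplied response count being used to size an allocation before it is bounded. The following is an added example, not code from ProFTPD or from the Mandriva patch: it parses a keyboard-interactive style response payload (a uint32 count followed by length-prefixed strings) and rejects oversized or inconsistent counts before allocating. The names `parse_responses`, `struct resp` and the cap `KBDINT_MAX_RESPONSES` are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdlib.h>

#define KBDINT_MAX_RESPONSES 32u  /* hypothetical cap, chosen for this example */

struct resp { const uint8_t *data; uint32_t len; };

/* Read a big-endian uint32 (SSH wire format) and advance the cursor. */
static int get_u32(const uint8_t **p, size_t *left, uint32_t *v) {
    if (*left < 4) return -1;
    *v = ((uint32_t)(*p)[0] << 24) | ((uint32_t)(*p)[1] << 16) |
         ((uint32_t)(*p)[2] << 8) | (uint32_t)(*p)[3];
    *p += 4; *left -= 4;
    return 0;
}

/* Parse "uint32 count, then count length-prefixed strings".
 * Returns the count and sets *out (caller frees), or -1 on rejection. */
long parse_responses(const uint8_t *buf, size_t len, struct resp **out) {
    uint32_t count, i;
    *out = NULL;
    if (get_u32(&buf, &len, &count) < 0) return -1;
    /* Bound the client-supplied count BEFORE it sizes any allocation:
     * by policy, and by what the packet can physically hold (every
     * response needs at least its own 4-byte length prefix). */
    if (count > KBDINT_MAX_RESPONSES) return -1;
    if (count > len / 4) return -1;
    /* calloc takes count and size separately, so no wrapping product here. */
    struct resp *r = calloc(count ? count : 1, sizeof(*r));
    if (r == NULL) return -1;
    for (i = 0; i < count; i++) {
        uint32_t n;
        if (get_u32(&buf, &len, &n) < 0 || n > len) { free(r); return -1; }
        r[i].data = buf; r[i].len = n;  /* points into the packet, no copy */
        buf += n; len -= n;
    }
    *out = r;
    return (long)count;
}

int main(void) {
    /* Constructed packets: two responses ("hi", ""), then a count of 2^32-1. */
    const uint8_t ok[] = {0,0,0,2, 0,0,0,2,'h','i', 0,0,0,0};
    const uint8_t huge[] = {0xff,0xff,0xff,0xff};
    struct resp *r;
    long a = parse_responses(ok, sizeof ok, &r); free(r);
    long b = parse_responses(huge, sizeof huge, &r);
    return (a == 2 && b == -1) ? 0 : 1;
}
```

The second check matters even with a generous cap: a count that exceeds what the remaining bytes could encode is rejected without touching the allocator.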