Debian: proftpd fix denial of service DSA-1218-1

    Date 21 Nov 2006
    Posted By LinuxSecurity Advisories
    It was discovered that the proftpd FTP daemon performs insufficient validation of FTP command buffer size limits, which may lead to denial of service. CVEID CVE-2006-5815 is addressed by this vulnerability.
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 1218-1                    This email address is being protected from spambots. You need JavaScript enabled to view it.                         Moritz Muehlenhoff
    November 21st, 2006           
    - --------------------------------------------------------------------------
    Package        : proftpd
    Vulnerability  : programming error
    Problem-Type   : remote
    Debian-specific: no
    CVE ID         : CVE-2006-5815
    Debian Bug     : 399070
    It was discovered that the proftpd FTP daemon performs insufficient
    validation of FTP command buffer size limits, which may lead to denial of
    For the stable distribution (sarge) this problem has been fixed in
    version 1.2.10-15sarge2.
    For the unstable distribution (sid) this problem has been fixed in
    version 1.3.0-13 of the proftpd-dfsg package.
    We recommend that you upgrade your proftpd package.
    Upgrade Instructions
    - --------------------
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    Debian GNU/Linux 3.1 alias sarge
    - --------------------------------
      Source archives:
          Size/MD5 checksum:      897 fe043ac01a1753ba7d47e169d7863039
          Size/MD5 checksum:   127600 d1611a9db379bee3e1f137c4c09d4b13
          Size/MD5 checksum:   920495 7d2bc5b4b1eef459a78e55c027a4f3c4
      Architecture independent components:
          Size/MD5 checksum:   422520 784f6a1ead480a7198dd0ad7df4c6d7d
      Alpha architecture:
          Size/MD5 checksum:   444406 dd457de80a77a65ea56f917ed8503641
          Size/MD5 checksum:   200788 0d3e2ba8ea9082b304a2c7f4d6af8df9
          Size/MD5 checksum:   457204 17af0e330f48108785aa9d00507c5291
          Size/MD5 checksum:   476800 dffaa2aad3f25eb2887005c27059b241
          Size/MD5 checksum:   476468 0c7be08d97b11f187c39f8a965b9e3c6
      AMD64 architecture:
          Size/MD5 checksum:   389010 2fd7461b794783671e641d72488c4585
          Size/MD5 checksum:   194562 3113db8aa6ba8e67dcea03632cf6fe67
          Size/MD5 checksum:   400008 3a89749eb456ea237ca4d82ae18e4beb
          Size/MD5 checksum:   415382 302debcfd6ff112e7294959addcdc1d6
          Size/MD5 checksum:   415174 51c2c6374d0483191874f96dd7318a27
      ARM architecture:
          Size/MD5 checksum:   373836 b740b9aa079946e4d2cbf323ae72a978
          Size/MD5 checksum:   188754 5ffae3af9d619b301595ea9b1175ef37
          Size/MD5 checksum:   384048 8beac5c897580847d39427097efd5116
          Size/MD5 checksum:   398914 5470be96f5ad34f83d1042139c6a639e
          Size/MD5 checksum:   398778 ae4abd419715b09b9a7bcc1f3e23eb96
      HP Precision architecture:
          Size/MD5 checksum:   403664 e19be25ea86f75de8fb0015837e47e57
          Size/MD5 checksum:   194452 65616d5eed9a3270e0df3086ad87a8a7
          Size/MD5 checksum:   414846 5ce90027122e3a27646cc314854ea37e
          Size/MD5 checksum:   431778 5deb145cbaacd0cbee298a0f6a02f6d2
          Size/MD5 checksum:   431492 9b950e59b183a6795d5eacb2002bf03c
      Intel IA-32 architecture:
          Size/MD5 checksum:   371202 efa3cca67db44225ecf7990ee8b76808
          Size/MD5 checksum:   188864 6129e4a1b65440c57e6e76e104025cf4
          Size/MD5 checksum:   380918 2de20dc3d336007347871007ad2aa9b6
          Size/MD5 checksum:   396670 2b6a3833f37f256ac0268bf03d25dfd8
          Size/MD5 checksum:   396432 ba26cbd5cfa7cd9d06c94baad26864b3
      Intel IA-64 architecture:
          Size/MD5 checksum:   519710 30aa10cfda1d97d81772d9a9fff3ef4c
          Size/MD5 checksum:   206994 1eefe822ebe9df3b584f719db1e6e263
          Size/MD5 checksum:   535338 4108fe33e7d1e6827e1545ea6ebfff7e
          Size/MD5 checksum:   562320 0ee714edb0c79544904c0db855daf174
          Size/MD5 checksum:   562214 4714a62fff2346f1d376f4306e0c6974
      Motorola 680x0 architecture:
          Size/MD5 checksum:   332528 3ad435ced0a1492fd61ae55c90204ad1
          Size/MD5 checksum:   187148 312a33fd15cfc35bd182d84ea847c852
          Size/MD5 checksum:   340916 adf942ec807fd5a39fdb9707226921bc
          Size/MD5 checksum:   353106 d724b6da9758c7bd3c4a4dfee4411306
          Size/MD5 checksum:   352830 5a090fa4b611c42a907919a88861eb9a
      Big endian MIPS architecture:
          Size/MD5 checksum:   382394 7e6c7b8b92827f3a6644689b0d06ef4e
          Size/MD5 checksum:   201616 fb61630fd14f0520518f78d198b15480
          Size/MD5 checksum:   391986 0ffbc86ea82bd910466c367f156af4be
          Size/MD5 checksum:   406488 2dff85fe8dc813c5be15780765a90a74
          Size/MD5 checksum:   406238 1d658816888f361611ef7c7a41062f62
      Little endian MIPS architecture:
          Size/MD5 checksum:   384334 ea408f73dd5288c3dbdd15556cb4c884
          Size/MD5 checksum:   201838 a2c8ed17d8c6dbfe3ff0a359ec8402fd
          Size/MD5 checksum:   393390 f6396ba4684fec2a4bd2b8a156c617a8
          Size/MD5 checksum:   409460 403eb9064b44dfb5c4f5c64e3d11b43e
          Size/MD5 checksum:   409212 e1226c8b018ced87ad77118c660d0361
      PowerPC architecture:
          Size/MD5 checksum:   384414 3cc172a7ddaf95a37905ce0ca2fc340f
          Size/MD5 checksum:   195366 d3db9b92cf67136399f153e804a168bd
          Size/MD5 checksum:   395170 9f26106f211808f807bfde1c2911629a
          Size/MD5 checksum:   412014 3a0d74322ba454ee72e0925cb871c3f5
          Size/MD5 checksum:   411760 2611181a4d8cb329bea9d9d0db130b31
      IBM S/390 architecture:
          Size/MD5 checksum:   379686 06371d89be06ba9c16152ef8d0164f9b
          Size/MD5 checksum:   192976 5a2c80cb11cd89c008a978b2e235bd45
          Size/MD5 checksum:   390112 ee494ba31925ba491ba72152a7fd0a88
          Size/MD5 checksum:   403944 c38a72652bef06f11e87fa28ab48d86c
          Size/MD5 checksum:   403734 2af77df7a25f5f5ed2b2d06c6fcd6ae3
      Sun Sparc architecture:
          Size/MD5 checksum:   369674 8dd5a9ec08ae54bcbc89ba8b6d695c87
          Size/MD5 checksum:   188988 03998811bf00f61f9c52f79ee5150978
          Size/MD5 checksum:   379464 fefd89407a8e0fdbc50a5398820aaa3c
          Size/MD5 checksum:   394890 6d62112d1257db0c993e33d075f7adb3
          Size/MD5 checksum:   394654 ada057a72951b1aa06d599b6e41bc503
      These files will probably be moved into the stable distribution on
      its next update.
    - ---------------------------------------------------------------------------------
    For apt-get: deb stable/updates main
    For dpkg-ftp: dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.

    LinuxSecurity Poll

    Do you feel that the Lawful Access to Encrypted Data Act, which aims to force encryption backdoors, is a threat to US citizens' privacy?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    [{"id":"106","title":"Yes - I am a privacy advocate and I am strongly opposed to this bill.","votes":"23","type":"x","order":"1","pct":95.83,"resources":[]},{"id":"107","title":"I'm undecided - it has its pros and cons.","votes":"1","type":"x","order":"2","pct":4.17,"resources":[]},{"id":"108","title":"No - I support this bill and feel that it will help protect against crime and threats to our national security. ","votes":"0","type":"x","order":"3","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
    bottom 200


    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.