Your message dated Mon, 27 Jun 2005 06:17:10 -0400
with message-id <[EMAIL PROTECTED]>
and subject line Bug#315687: fixed in proftpd 1.2.10-18
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 24 Jun 2005 22:14:58 +0000
>From [EMAIL PROTECTED] Fri Jun 24 15:14:58 2005
Return-path: <[EMAIL PROTECTED]>
Received: from nosferatu.franken.de (noname.franken.de) [194.95.226.50] (Debian-exim)
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1DlwRu-00042q-00; Fri, 24 Jun 2005 15:14:58 -0700
Received: from jupiter.home.junior.sternbauer.de ([192.168.0.2] ident=qmailr)
	by noname.franken.de with smtp (Exim 4.51)
	id 1DlwRr-00049P-AU
	for [EMAIL PROTECTED]; Sat, 25 Jun 2005 00:14:55 +0200
Received: (qmail 28588 invoked by uid 1000); 24 Jun 2005 22:14:34 -0000
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Michael Bergbauer <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: proftpd: Wrong permissions for ftp server
X-Mailer: reportbug 3.15
Date: Sat, 25 Jun 2005 00:14:34 +0200
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Package: proftpd
Version: 1.2.10-17
Severity: critical
Justification: root security hole

In the most recent (1.2.10-17) version of proftpd, the permissions used by
the daemon are somehow mixed up: both anonymous and authenticated connections
are mapped to uid 0/gid 0 in the filesystem. New files and directories are
created with uid 0/gid 0 (instead of ftp/nogroup for anon connections resp.
the authenticated user).

In anon mode, you seem to be trapped in the anon environment and can't delete
files. With authenticated connections, you also get root access to the whole
system (visible to proftpd) and as your access is mapped to root/root, you can
delete everything you like (thus the critical severity, as this opens root
access to the ftp server's file system).

This bug was not reproducible on 1.2.10-16, I had to install 1.2.10-17. The
config file wasn't touched during the update to -17.

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i586)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.4.26
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)

Versions of packages proftpd depends on:
ii  adduser         3.64         Add and remove users and groups
ii  debconf         1.4.51       Debian configuration management sy
ii  libc6           2.3.2.ds1-22 GNU C Library: Shared libraries an
ii  libpam0g        0.76-22      Pluggable Authentication Modules l
ii  libssl0.9.7     0.9.7g-1     SSL shared libraries
ii  libwrap0        7.6.dbs-8    Wietse Venema's TCP wrappers libra
ii  netbase         4.21         Basic TCP/IP networking system
ii  proftpd-common  1.2.10-17    Versatile, virtual-hosting FTP dae
ii  ucf             1.18         Update Configuration File: preserv

proftpd recommends no packages.
-- debconf information:
* shared/proftpd/anonymous: true
  shared/proftpd/run_inetd_or_standalone: standalone
* shared/proftpd/edit_conffile: false
* shared/proftpd/use_debconf: true
  shared/proftpd/anonymous_access: false
* proftpd/edit_conffile: true
  shared/proftpd/file_changed:
  shared/proftpd/warning:
* shared/proftpd/inetd_or_standalone: inetd
* proftpd/run_inetd_or_standalone: inetd
  shared/proftpd/replace_file_install: false
  shared/proftpd/sql_statements:
* proftpd/anonymous_access: true
  proftpd/sql_statements:

---------------------------------------
Received: (at 315687-close) by bugs.debian.org; 27 Jun 2005 10:21:46 +0000
>From [EMAIL PROTECTED] Mon Jun 27 03:21:46 2005
Return-path: <[EMAIL PROTECTED]>
Received: from newraff.debian.org [208.185.25.31] (mail)
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1DmqkM-0001JF-00; Mon, 27 Jun 2005 03:21:46 -0700
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
	id 1Dmqfu-0001Ap-00; Mon, 27 Jun 2005 06:17:10 -0400
From: Francesco Paolo Lovergine <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.56 $
Subject: Bug#315687: fixed in proftpd 1.2.10-18
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Mon, 27 Jun 2005 06:17:10 -0400
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Source: proftpd
Source-Version: 1.2.10-18

We believe that the bug you reported is fixed in the latest version of
proftpd, which is due to be installed in the Debian FTP archive:

proftpd-common_1.2.10-18_i386.deb
  to pool/main/p/proftpd/proftpd-common_1.2.10-18_i386.deb
proftpd-doc_1.2.10-18_all.deb
  to pool/main/p/proftpd/proftpd-doc_1.2.10-18_all.deb
proftpd-ldap_1.2.10-18_i386.deb
  to pool/main/p/proftpd/proftpd-ldap_1.2.10-18_i386.deb
proftpd-mysql_1.2.10-18_i386.deb
  to pool/main/p/proftpd/proftpd-mysql_1.2.10-18_i386.deb
proftpd-pgsql_1.2.10-18_i386.deb
  to pool/main/p/proftpd/proftpd-pgsql_1.2.10-18_i386.deb
proftpd_1.2.10-18.diff.gz
  to pool/main/p/proftpd/proftpd_1.2.10-18.diff.gz
proftpd_1.2.10-18.dsc
  to pool/main/p/proftpd/proftpd_1.2.10-18.dsc
proftpd_1.2.10-18_i386.deb
  to pool/main/p/proftpd/proftpd_1.2.10-18_i386.deb

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Francesco Paolo Lovergine <[EMAIL PROTECTED]> (supplier of updated proftpd package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 25 Jun 2005 09:31:37 +0200
Source: proftpd
Binary: proftpd-common proftpd proftpd-mysql proftpd-pgsql proftpd-ldap proftpd-doc
Architecture: source i386 all
Version: 1.2.10-18
Distribution: unstable
Urgency: high
Maintainer: Francesco Paolo Lovergine <[EMAIL PROTECTED]>
Changed-By: Francesco Paolo Lovergine <[EMAIL PROTECTED]>
Description: 
 proftpd    - Versatile, virtual-hosting FTP daemon
 proftpd-common - Versatile, virtual-hosting FTP daemon
 proftpd-doc - Versatile, virtual-hosting FTP daemon (Documentation)
 proftpd-ldap - Versatile, virtual-hosting FTP daemon (with LDAP support)
 proftpd-mysql - Versatile, virtual-hosting FTP daemon (with SQL support)
 proftpd-pgsql - Versatile, virtual-hosting FTP daemon (with SQL support)
Closes: 315687
Changes: 
 proftpd (1.2.10-18) unstable; urgency=high
 .
   * Sigh! I left around development settings in rules file to test the damn
     signal 11 thingy. That disabled capabilities. (closes: #315687)
Files: 
 c73a79e9e33f70d8274989c1f98e10e2 897 net optional proftpd_1.2.10-18.dsc
 94ebfc663a6d092226821041ecd37289 129149 net optional proftpd_1.2.10-18.diff.gz
 d9c7974c1b4ae500ffd885834f1aa921 343574 doc optional proftpd-doc_1.2.10-18_all.deb
 d438bcb1dbfc55f60664acec3aabcb99 372028 net optional proftpd_1.2.10-18_i386.deb
 b8aa60c4e1cef6f99865bf64bca5e273 189076 net optional proftpd-common_1.2.10-18_i386.deb
 2c8f842a4ebf8c756102734154cdf364 397590 net optional proftpd-mysql_1.2.10-18_i386.deb
 a111413126b95a0501fdc3afc198798f 397230 net optional proftpd-pgsql_1.2.10-18_i386.deb
 207c6fd83c2df21c0ab12c4cddb91cdd 381546 net optional proftpd-ldap_1.2.10-18_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFCvQnypFNRmenyx0cRAtlfAJ9VNCOJNc4cJ7jxHu8+LXaR/UqKzACfSwMO
nHwdisnhIWCIq31BtNMSpp8=
=DgNN
-----END PGP SIGNATURE-----

-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
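The symptom reported above (session processes acting as uid 0/gid 0 and leaving root-owned files behind) is something an administrator can verify on their own host after upgrading, independently of the package changelog. The following is an added Python example written for this page; it is not code from the bug report, from the maintainer, or from proftpd. It assumes that session processes can be inspected through the text of `/proc/<pid>/status` and that uploads live under a known directory. The status dumps, the uid 1001/gid 65534 values and the `/srv/ftp/incoming` paths are constructed samples, and the rule that a session is "still root" when its effective or filesystem uid is 0 is an assumption about how a privilege-dropping daemon should look, not something the page states.

```python
"""Post-upgrade privilege check for an FTP daemon that should drop root
for every session.

Added example (not from the bug report, the maintainer or proftpd).
Assumptions: session processes are inspected via their /proc/<pid>/status
text, and the caller knows which uid a session is expected to run as.
All sample inputs below are constructed.
"""
import os
import re
from dataclasses import dataclass
from typing import Iterable, List, Tuple


@dataclass(frozen=True)
class ProcIds:
    """Identity slots from /proc/<pid>/status: (real, effective, saved, fs)."""
    uids: Tuple[int, int, int, int]
    gids: Tuple[int, int, int, int]
    cap_eff: int  # effective capability mask (CapEff); 0 when none held


_FIELD_RE = re.compile(r"^(Uid|Gid|CapEff):[ \t]+(.+)$", re.MULTILINE)


def parse_proc_status(text: str) -> ProcIds:
    """Parse the Uid/Gid/CapEff lines of a /proc/<pid>/status dump."""
    fields = {key: value.split() for key, value in _FIELD_RE.findall(text)}
    uids = tuple(int(x) for x in fields["Uid"])
    gids = tuple(int(x) for x in fields["Gid"])
    cap_eff = int(fields.get("CapEff", ["0"])[0], 16)
    return ProcIds(uids, gids, cap_eff)


def session_still_root(ids: ProcIds) -> bool:
    """True when this session's file operations would run as root.

    The filesystem uid (4th slot) is what the kernel checks on create/unlink;
    the effective uid (2nd slot) is what a setuid-style drop changes. A 0 in
    either slot means new files come out owned by root, the symptom reported
    for 1.2.10-17. The real uid is deliberately ignored: a daemon that flips
    identity with seteuid() keeps real uid 0 by design (assumption, not
    something the page states).
    """
    return ids.uids[1] == 0 or ids.uids[3] == 0


def root_owned(entries: Iterable[Tuple[str, int, int]]) -> List[str]:
    """Return paths whose owner or group is root (uid 0 / gid 0)."""
    return [path for path, uid, gid in entries if uid == 0 or gid == 0]


def scan_tree(root: str) -> List[Tuple[str, int, int]]:
    """Collect (path, uid, gid) for everything below an upload directory."""
    found = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            full = os.path.join(dirpath, name)
            st = os.lstat(full)
            found.append((full, st.st_uid, st.st_gid))
    return found


# --- constructed samples --------------------------------------------------
# A session that never dropped root (the -17 behaviour as reported).
STATUS_BROKEN = (
    "Name:\tproftpd\nState:\tS (sleeping)\nPid:\t28588\n"
    "Uid:\t0\t0\t0\t0\nGid:\t0\t0\t0\t0\nCapEff:\t0000000000000000\n"
)
# A session whose effective and fs identity is the 'ftp' user
# (uid 1001 / gid 65534 are made-up values for this sample).
STATUS_OK = (
    "Name:\tproftpd\nState:\tS (sleeping)\nPid:\t28590\n"
    "Uid:\t0\t1001\t0\t1001\nGid:\t0\t65534\t0\t65534\nCapEff:\t0000000000000000\n"
)
# Ownership as os.lstat would report it for an upload directory and two files.
UPLOADS = [
    ("/srv/ftp/incoming", 1001, 65534),
    ("/srv/ftp/incoming/report.txt", 0, 0),  # left behind by a -17 session
    ("/srv/ftp/incoming/notes.txt", 1001, 65534),
]


def audit(status_texts: Iterable[str], entries: Iterable[Tuple[str, int, int]]) -> dict:
    """Combine both checks into one report an administrator can act on."""
    sessions = [parse_proc_status(t) for t in status_texts]
    return {
        "root_sessions": sum(session_still_root(s) for s in sessions),
        "root_owned_uploads": root_owned(entries),
    }


if __name__ == "__main__":
    # On a real host: status texts read from /proc/<pid>/status of each
    # session process, and entries from scan_tree("/srv/ftp/incoming").
    print(audit([STATUS_BROKEN, STATUS_OK], UPLOADS))
```

On a live system the two inputs come from `open(f"/proc/{pid}/status").read()` for each daemon child and from `scan_tree()` over the upload directory; a non-zero `root_sessions` count, or any path in `root_owned_uploads` that is not intentionally root-owned, reproduces the condition the report describes and is worth treating as a failed upgrade rather than a cosmetic ownership issue.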