Title: Proftpd Security Exploit
Posted by: TL on 23 September 2003, 20:31:35

Attention: Proftpd 1.2.7 and later has a bug in ASCII transfer mode that allows an attacker to gain access to the system. The attacker must, however, have read and write permissions. Details at http://xforce.iss.net/xforce/alerts/id/154.

A patched version (with a "p" after the version number) is available on the Proftpd mirrors.

Title: Re: Proftpd Security Exploit
Posted by: stonki on 24 September 2003, 09:58:43

Quote from: "TL"
Attention: Proftpd 1.2.7 and later has a bug in ASCII transfer mode that allows an attacker to gain access to the system. The attacker must, however, have read and write permissions. Details at http://xforce.iss.net/xforce/alerts/id/154. A patched version (with a "p" after the version number) is available on the Proftpd mirrors.

Yup, what a load of crap. proFTPD.de has now been updated!

cu stonki

Title: Proftpd Security Exploit
Posted by: Wörsty on 24 September 2003, 11:06:40

I can't get mod_exec 0.6.6 to compile in any more. :??
Code:
[root@knowledgebase proftpd-1.2.9rc2p]# cp /usr/src/mod_exec/mod_exec.c contrib/mod_exec.c
[root@knowledgebase proftpd-1.2.9rc2p]# cp /usr/src/mod_wrap-2.0/mod_wrap*.c contrib/
cp: »contrib/mod_wrap.c« überschreiben?
[root@knowledgebase proftpd-1.2.9rc2p]# cp /usr/src/mod_wrap-2.0/mod_wrap*.h contrib/
[root@knowledgebase proftpd-1.2.9rc2p]# cp /usr/src/mod_conf_sql/mod_conf_sql.c contrib/
[root@knowledgebase proftpd-1.2.9rc2p]# ./configure --with-modules=mod_sql:mod_sql_mysql:mod_conf_sql:mod_ifsession:mod_wrap:mod_wrap_file:mod_wrap_sql:mod_tls:mod_exec --with-includes=/usr/include/mysql --with-libraries=/usr/lib/mysql --sysconfdir=/www/conf/
checking build system type... i686-pc-linux-gnu
checking host system type... i686-pc-linux-gnu
checking target system type... i686-pc-linux-gnu
checking for gcc... gcc
checking for C compiler default output... a.out
checking whether the C compiler works... yes
checking whether we are cross compiling... no
checking for suffix of executables...
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ANSI C... none needed
checking whether make sets $(MAKE)... yes
checking for a BSD-compatible install... /usr/bin/install -c
checking for ranlib... ranlib
checking for special C compiler options needed for large files... no
checking for _FILE_OFFSET_BITS value needed for large files... 64
checking for _LARGE_FILES value needed for large files... no
checking whether the C compiler accepts -Wall... yes
checking for getopt... yes
checking how to run the C preprocessor... gcc -E
checking for egrep... grep -E
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking for standalone crypt... no
checking for crypt in -lcrypt... yes
checking for standalone gethostbyname... yes
checking for standalone inet_aton... yes
checking for standalone nsl functions... yes
checking for standalone socket functions... yes
checking for _pw_stayopen variable... no
checking krb.h usability... no
checking krb.h presence... no
checking for krb.h... no
checking prot.h usability... no
checking prot.h presence... no
checking for prot.h... no
checking hpsecurity.h usability... no
checking hpsecurity.h presence... no
checking for hpsecurity.h... no
checking for hpsecurity.h workaround... no
checking for dirent.h that defines DIR... yes
checking for library containing opendir... none required
checking for ANSI C header files... (cached) yes
checking for sys/wait.h that is POSIX.1 compatible... yes
checking fcntl.h usability... yes
checking fcntl.h presence... yes
checking for fcntl.h... yes
checking sys/ioctl.h usability... yes
checking sys/ioctl.h presence... yes
checking for sys/ioctl.h... yes
checking sys/time.h usability... yes
checking sys/time.h presence... yes
checking for sys/time.h... yes
checking for unistd.h... (cached) yes
checking for memory.h... (cached) yes
checking shadow.h usability... yes
checking shadow.h presence... yes
checking for shadow.h... yes
checking for struct spwd.sp_warn... yes
checking for struct spwd.sp_inact... yes
checking for struct spwd.sp_expire... yes
checking security/pam_appl.h usability... no
checking security/pam_appl.h presence... no
checking for security/pam_appl.h... no
checking pam/pam_appl.h usability... no
checking pam/pam_appl.h presence... no
checking for pam/pam_appl.h... no
checking linux/capability.h usability... yes
checking linux/capability.h presence... yes
checking for linux/capability.h... yes
checking whether to enable mod_cap... yes
checking ctype.h usability... yes
checking ctype.h presence... yes
checking for ctype.h... yes
checking getopt.h usability... yes
checking getopt.h presence... yes
checking for getopt.h... yes
checking crypt.h usability... yes
checking crypt.h presence... yes
checking for crypt.h... yes
checking bstring.h usability... no
checking bstring.h presence... no
checking for bstring.h... no
checking limits.h usability... yes
checking limits.h presence... yes
checking for limits.h... yes
checking for strings.h... (cached) yes
checking stropts.h usability... yes
checking stropts.h presence... yes
checking for stropts.h... yes
checking sys/file.h usability... yes
checking sys/file.h presence... yes
checking for sys/file.h... yes
checking for sys/types.h... (cached) yes
checking sys/uio.h usability... yes
checking sys/uio.h presence... yes
checking for sys/uio.h... yes
checking for sys/param.h... yes
checking for sys/mount.h... yes
checking netdb.h usability... yes
checking netdb.h presence... yes
checking for netdb.h... yes
checking netinet/in.h usability... yes
checking netinet/in.h presence... yes
checking for netinet/in.h... yes
checking for netinet/in_systm.h... yes
checking for netinet/ip.h... yes
checking netinet/tcp.h usability... yes
checking netinet/tcp.h presence... yes
checking for netinet/tcp.h... yes
checking arpa/inet.h usability... yes
checking arpa/inet.h presence... yes
checking for arpa/inet.h... yes
checking for sys/stat.h... (cached) yes
checking errno.h usability... yes
checking errno.h presence... yes
checking for errno.h... yes
checking sys/socket.h usability... yes
checking sys/socket.h presence... yes
checking for sys/socket.h... yes
checking sys/termios.h usability... yes
checking sys/termios.h presence... yes
checking for sys/termios.h... yes
checking sys/termio.h usability... no
checking sys/termio.h presence... no
checking for sys/termio.h... no
checking sys/statvfs.h usability... yes
checking sys/statvfs.h presence... yes
checking for sys/statvfs.h... yes
checking sys/vfs.h usability... yes
checking sys/vfs.h presence... yes
checking for sys/vfs.h... yes
checking sys/select.h usability... yes
checking sys/select.h presence... yes
checking for sys/select.h... yes
checking dirent.h usability... yes
checking dirent.h presence... yes
checking for dirent.h... yes
checking ndir.h usability... no
checking ndir.h presence... no
checking for ndir.h... no
checking sys/ndir.h usability... no
checking sys/ndir.h presence... no
checking for sys/ndir.h... no
checking sys/dir.h usability... yes
checking sys/dir.h presence... yes
checking for sys/dir.h... yes
checking vmsdir.h usability... no
checking vmsdir.h presence... no
checking for vmsdir.h... no
checking utmpx.h usability... yes
checking utmpx.h presence... yes
checking for utmpx.h... yes
checking regex.h usability... yes
checking regex.h presence... yes
checking for regex.h... yes
checking syslog.h usability... yes
checking syslog.h presence... yes
checking for syslog.h... yes
checking curses.h usability... yes
checking curses.h presence... yes
checking for curses.h... yes
checking ncurses.h usability... yes
checking ncurses.h presence... yes
checking for ncurses.h... yes
checking for an ANSI C-conforming const... yes
checking for inline... inline
checking for uid_t in sys/types.h... yes
checking for pid_t... yes
checking for size_t... yes
checking for mode_t... yes
checking for off_t... yes
checking type of array argument to getgroups... gid_t
checking for timer_t... yes
checking for short... yes
checking size of short... 2
checking for int... yes
checking size of int... 4
checking for long... yes
checking size of long... 4
checking for long long... yes
checking size of long long... 8
checking for off_t... (cached) yes
checking size of off_t... 8
checking whether time.h and sys/time.h may both be included... yes
checking whether struct tm is in sys/time.h or time.h... time.h
checking for umode_t... no
checking for ino_t... yes
checking for socklen_t... yes
checking utmp.h usability... yes
checking utmp.h presence... yes
checking for utmp.h... yes
checking whether your struct utmp has ut_user... yes
checking whether your struct utmp has ut_host... yes
checking whether your struct utmp has ut_exit... yes
checking whether your syslog.h defines LOG_CRON... yes
checking whether your syslog.h defines LOG_FTP... yes
checking for d_fd in DIR structure... no
checking for dd_fd in DIR structure... no
checking for __dd_fd in DIR structure... no
checking for working alloca.h... yes
checking for alloca... yes
checking for alloca in -lucb... no
checking whether gcc needs -traditional... no
checking whether setpgrp takes no argument... yes
checking return type of signal handlers... void
checking for vprintf... yes
checking for _doprnt... no
checking for bcopy... yes
checking for crypt... yes
checking for fgetgrent... yes
checking for fgetpwent... yes
checking for flock... yes
checking for freeaddrinfo... yes
checking for gai_strerror... yes
checking for getaddrinfo... yes
checking for getcwd... yes
checking for gethostname... yes
checking for getnameinfo... yes
checking for getopt_long... yes
checking for gettimeofday... yes
checking for inet_aton... yes
checking for inet_ntop... yes
checking for inet_pton... yes
checking for memcpy... yes
checking for mempcpy... yes
checking for mkdir... yes
checking for mkstemp... yes
checking for mlock... yes
checking for mlockall... yes
checking for munlock... yes
checking for munlockall... yes
checking for rmdir... yes
checking for select... yes
checking for setgroups... yes
checking for socket... yes
checking for statfs... yes
checking for strchr... yes
checking for strcoll... yes
checking for strerror... yes
checking for strsep... yes
checking for strtol... yes
checking for setprotoent... yes
checking for endprotoent... yes
checking for vsnprintf... yes
checking for snprintf... yes
checking for setsid... yes
checking for setgroupent... no
checking for seteuid... yes
checking for setegid... yes
checking for siginterrupt... yes
checking for setpgid... yes
checking for regcomp... yes
checking for tzset... yes
checking for pathconf... yes
checking for fpathconf... yes
checking for fgetspent... yes
checking for setpassent... no
checking whether struct addrinfo is defined... yes
checking whether struct sockaddr_storage is defined... yes
checking whether ss_family is defined... yes
checking whether ss_len is defined... no
checking whether __ss_len is defined... no
checking whether setgrent returns void... yes
checking for initscr in -lcurses... yes
checking for initscr in -lncurses... yes
checking for setproctitle... no
checking libutil.h usability... no
checking libutil.h presence... no
checking for libutil.h... no
checking for setproctitle in -lutil... no
checking sys/pstat.h usability... no
checking sys/pstat.h presence... no
checking for sys/pstat.h... no
checking whether __progname and __progname_full are available... yes
checking which argv replacement method to use... writeable
checking whether printf supports %llu format... yes
checking whether gcc accepts -Wno-long-double... no
configure: creating ./config.status
config.status: creating lib/Makefile
config.status: creating modules/Makefile
config.status: creating src/Makefile
config.status: creating src/proftpd.8
config.status: creating src/xferlog.5
config.status: creating utils/Makefile
config.status: creating utils/ftpcount.1
config.status: creating utils/ftpshut.8
config.status: creating utils/ftptop.1
config.status: creating utils/ftpwho.1
config.status: creating Makefile
config.status: creating Make.rules
config.status: creating config.h
config.status: executing default commands
[root@knowledgebase proftpd-1.2.9rc2p]#
[root@knowledgebase proftpd-1.2.9rc2p]# make
echo \#define BUILD_STAMP \"`date`\" >include/buildstamp.h
cd lib/ && make lib
make[1]: Wechsel in das Verzeichnis Verzeichnis »/usr/src/proftpd-1.2.9rc2p/lib«
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c pr_fnmatch.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c sstrncpy.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c strsep.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c vsnprintf.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c glibc-glob.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c glibc-mkstemp.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c pr-syslog.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c pwgrent.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c getopt.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c getopt1.c
ar rc libsupp.a pr_fnmatch.o sstrncpy.o strsep.o vsnprintf.o glibc-glob.o glibc-mkstemp.o pr-syslog.o pwgrent.o getopt.o getopt1.o
ranlib libsupp.a
make[1]: Verlassen des Verzeichnisses Verzeichnis »/usr/src/proftpd-1.2.9rc2p/lib«
cd src/ && make src
make[1]: Wechsel in das Verzeichnis Verzeichnis »/usr/src/proftpd-1.2.9rc2p/src«
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c main.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c timers.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c sets.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c pool.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c regexp.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c dirtree.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c support.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c netaddr.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c inet.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c log.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c bindings.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c scoreboard.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c feat.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c netio.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c response.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c ident.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c data.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c modules.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c auth.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c fsio.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c mkhome.c
make[1]: Verlassen des Verzeichnisses Verzeichnis »/usr/src/proftpd-1.2.9rc2p/src«
cd modules/ && make modules
make[1]: Wechsel in das Verzeichnis Verzeichnis »/usr/src/proftpd-1.2.9rc2p/modules«
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c mod_core.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c mod_xfer.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c mod_auth_unix.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c mod_auth_file.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c mod_auth.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c mod_ls.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c mod_log.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c mod_site.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c mod_sql.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c mod_sql_mysql.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c mod_conf_sql.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c mod_ifsession.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c mod_wrap.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c mod_wrap_file.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c mod_wrap_sql.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c mod_tls.c
gcc -DLINUX -I.. -I../include -I/usr/include/mysql -O2 -Wall -c mod_exec.c
mod_exec.c: In function `exec_subst_var':
mod_exec.c:402: structure has no member named `remote_ipaddr'
mod_exec.c:402: structure has no member named `remote_ipaddr'
make[1]: *** [mod_exec.o] Fehler 1
make[1]: Verlassen des Verzeichnisses Verzeichnis »/usr/src/proftpd-1.2.9rc2p/modules«
make: *** [modules] Fehler 2
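TL's opening post gives admins a simple rule for triage: any ProFTPD from 1.2.7 upward is affected by the ASCII-mode bug unless the build carries the "p" marker after its version number (for example the 1.2.9rc2p tree Wörsty is compiling above). The following Python script is an added example, not code from this thread or from the ProFTPD project; it parses version banners of the form `ProFTPD Version 1.2.9rc2p` (the shape `proftpd -v` prints; the exact banner format is an assumption here) and applies that rule, so a fleet of collected banners can be sorted into unaffected, vulnerable and patched. The sample banners are constructed for the example, not captured from any host in the thread.

```python
import re

# Constructed sample banners in the shape "proftpd -v" prints (assumed format).
# These are made-up inputs for this example, not output from the thread's host.
SAMPLE_BANNERS = [
    "ProFTPD Version 1.2.6",
    "ProFTPD Version 1.2.7",
    "ProFTPD Version 1.2.8",
    "ProFTPD Version 1.2.9rc2",
    "ProFTPD Version 1.2.9rc2p",
]

# major.minor.patch, optional release-candidate tag, optional "p" marker for a patched build
_VERSION_RE = re.compile(r"^ProFTPD Version (\d+)\.(\d+)\.(\d+)(rc\d+)?(p)?$")

# First release the thread names as affected by the ASCII transfer mode bug.
FIRST_AFFECTED = (1, 2, 7)


def parse_banner(line):
    """Return ((major, minor, patch), rc_tag_or_None, has_p_marker) for one banner line."""
    m = _VERSION_RE.match(line.strip())
    if m is None:
        raise ValueError("not a ProFTPD version banner: %r" % line)
    major, minor, patch, rc, p = m.groups()
    return (int(major), int(minor), int(patch)), rc, p is not None


def classify(line):
    """Apply the thread's rule: 1.2.7 and later is affected unless the build has the 'p' marker."""
    numeric, _rc, patched = parse_banner(line)
    if numeric < FIRST_AFFECTED:          # tuple comparison: (1, 2, 6) < (1, 2, 7)
        return "unaffected"
    if patched:
        return "patched"
    return "vulnerable"


def audit(banners):
    """Map each banner to its verdict; malformed lines are reported, not silently skipped."""
    result = {}
    for line in banners:
        try:
            result[line] = classify(line)
        except ValueError:
            result[line] = "unparsed"
    return result


if __name__ == "__main__":
    for banner, verdict in audit(SAMPLE_BANNERS).items():
        print("%-28s %s" % (banner, verdict))
```

The check encodes only the rule stated in the thread at the time: a release-candidate tag does not change the verdict (1.2.9rc2 is flagged, 1.2.9rc2p is not), and any later release that folds the fix in without the "p" marker would still be reported as vulnerable, so the release notes of a newer version are the authority for those, not this script. Lines that do not parse are surfaced as "unparsed" rather than dropped, since a host whose banner cannot be read is exactly the one an audit should not lose.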