PCI compliance report issues
ProFTPD version 1.3.5B is vulnerable -- ProFTPD CVE-2017-7418 Local Security Bypass Vulnerability
"ProFTPD is prone to a local security-bypass vulnerability.
An attacker may exploit this issue to bypass certain security restrictions and perform unauthorized actions.
ProFTPD prior to 1.3.5e and 1.3.6 prior to 1.3.6rc5 are vulnerable."
OpenSSH 7.5 is vulnerable -- CVE-2017-15906
The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
Hello,

1. As I understand, the "AllowChrootSymlinks" ProFTPd configuration option is enabled by default. The report referenced on the URL below notes a bug that applies to systems where "AllowChrootSymlinks" is turned off:

CVE-2017-7418

Thus, by default, your server should not be affected by this bug. That said, I've opened internal case CPANEL-17794 to request an update to the ProFTPd version we distribute with cPanel. I'll monitor this case and update this thread with more information as it becomes available.

2. cPanel does not distribute the OpenSSH package. It's provided by your OS (e.g. CentOS). You can update your system packages to the latest versions offered by your OS with the "yum update" command; however, it doesn't look like CentOS distributes OpenSSH 7.6 with the corresponding bug fix at this time:

Bug 1506630: "CVE-2017-15906 openssh: Improper write operations in readonly mode allow for zero-length file creation"

That said, note the analysis of this bug:

Analysis: It seems the maximum impact of this flaw is that the attacker can create an extremely large number of zero length files to fill up a harddisk on a remote server which the attacker has read-only access to.

Additionally, it only applies to systems with SFTP configured in read-only mode, which isn't a default configuration.

Thank you.
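The reply above ties each finding to a configuration precondition: CVE-2017-7418 needs ProFTPD's AllowChrootSymlinks explicitly turned off, and CVE-2017-15906 needs SFTP running in read-only mode (the -R flag of sftp-server/internal-sftp). The following Python script checks local config text for both; it is an added example, not code from the thread or from cPanel, and the sample configurations and function names are constructed for illustration.

```python
import re

# Constructed sample configurations (not from the thread): one pair using the
# defaults, one pair with the preconditions the cPanel reply describes.
PROFTPD_DEFAULT = "ServerName \"FTP\"\nDefaultRoot ~\n"
PROFTPD_SYMLINKS_OFF = "DefaultRoot ~\nAllowChrootSymlinks off  # non-default\n"
SSHD_DEFAULT = "Subsystem sftp /usr/libexec/openssh/sftp-server\n"
SSHD_READONLY = (
    "Subsystem sftp internal-sftp\n"
    "Match Group sftponly\n"
    "    ChrootDirectory %h\n"
    "    ForceCommand internal-sftp -R\n"
)

def proftpd_allow_chroot_symlinks(conf_text):
    """True if AllowChrootSymlinks is effectively on (ProFTPD's default).
    The last occurrence wins; anything after '#' on a line is a comment."""
    value = "on"
    for line in conf_text.splitlines():
        m = re.match(r"\s*AllowChrootSymlinks\s+(\S+)", line.split("#", 1)[0], re.I)
        if m:
            value = m.group(1).lower()
    return value not in ("off", "false", "no")

def sshd_sftp_read_only(conf_text):
    """True if any 'Subsystem sftp ...' or 'ForceCommand ...' line passes the
    sftp-server/internal-sftp -R (read-only) flag, globally or in a Match block.
    Simplification: any option token containing 'R' is treated as read-only."""
    for line in conf_text.splitlines():
        tokens = line.split("#", 1)[0].split()
        if not tokens or tokens[0].lower() not in ("subsystem", "forcecommand"):
            continue
        if tokens[0].lower() == "subsystem" and (len(tokens) < 2 or tokens[1] != "sftp"):
            continue
        if any(t.startswith("-") and "R" in t for t in tokens[1:]):
            return True
    return False

def assess(proftpd_conf, sshd_conf):
    """Map each CVE from the PCI report to whether its precondition is present."""
    return {
        "CVE-2017-7418": not proftpd_allow_chroot_symlinks(proftpd_conf),
        "CVE-2017-15906": sshd_sftp_read_only(sshd_conf),
    }

if __name__ == "__main__":
    print(assess(PROFTPD_DEFAULT, SSHD_DEFAULT))
    print(assess(PROFTPD_SYMLINKS_OFF, SSHD_READONLY))
```

A True value means the non-default setting that the CVE depends on is present, so the version upgrade matters for that service; the check does not by itself confirm the installed version is vulnerable.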
Hello,

To update, the updated version of ProFTPd is included in cPanel version 70:

Fixed case CPANEL-17794: Update proftpd to 1.3.6-1.cp1170.

Thank you.