Published: 23/05/2011 Updated: 21/02/2014

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

VMScore: 516

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

The STARTTLS implementation in ftp_parser.c in Pure-FTPd prior to 1.0.30 does not properly restrict I/O buffering, which allows man-in-the-middle malicious users to insert commands into encrypted FTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.

Vulnerable Product	Search on Vulmon	Subscribe to Product
pureftpd pure-ftpd 1.0.16a
pureftpd pure-ftpd 1.0.14
pureftpd pure-ftpd 1.0.15
pureftpd pure-ftpd 1.0.20
pureftpd pure-ftpd 1.0.21
pureftpd pure-ftpd 1.0.10
pureftpd pure-ftpd 1.0.9
pureftpd pure-ftpd 1.0.2
pureftpd pure-ftpd 1.0.1
pureftpd pure-ftpd 0.99.1a
pureftpd pure-ftpd 0.99.1
pureftpd pure-ftpd 0.98.6
pureftpd pure-ftpd 0.98.5
pureftpd pure-ftpd 0.98pre2
pureftpd pure-ftpd 0.98pre1
pureftpd pure-ftpd 0.97.3
pureftpd pure-ftpd 0.97.2
pureftpd pure-ftpd 0.97pre1
pureftpd pure-ftpd 0.96.1
pureftpd pure-ftpd 0.95-pre3
pureftpd pure-ftpd 0.95-pre2
pureftpd pure-ftpd 0.95-pre1
pureftpd pure-ftpd 1.0.12
pureftpd pure-ftpd 1.0.13a
pureftpd pure-ftpd 1.0.18
pureftpd pure-ftpd 1.0.19
pureftpd pure-ftpd 1.0.28
pureftpd pure-ftpd
pureftpd pure-ftpd 1.0.4
pureftpd pure-ftpd 1.0.3
pureftpd pure-ftpd 0.99.2
pureftpd pure-ftpd 0.99.1b
pureftpd pure-ftpd 0.99pre1
pureftpd pure-ftpd 0.98.7
pureftpd pure-ftpd 0.98.1
pureftpd pure-ftpd 0.98-final
pureftpd pure-ftpd 0.97.5
pureftpd pure-ftpd 0.97.4
pureftpd pure-ftpd 0.97pre3
pureftpd pure-ftpd 0.97pre2
pureftpd pure-ftpd 0.95
pureftpd pure-ftpd 0.95-pre4
pureftpd pure-ftpd 0.90
pureftpd pure-ftpd 1.0.16b
pureftpd pure-ftpd 1.0.24
pureftpd pure-ftpd 1.0.25
pureftpd pure-ftpd 1.0.8
pureftpd pure-ftpd 1.0.7
pureftpd pure-ftpd 1.0.0
pureftpd pure-ftpd 0.99.9
pureftpd pure-ftpd 0.99.4
pureftpd pure-ftpd 0.99b
pureftpd pure-ftpd 0.99a
pureftpd pure-ftpd 0.98.4
pureftpd pure-ftpd 0.98.3
pureftpd pure-ftpd 0.97.7
pureftpd pure-ftpd 0.97.7pre3
pureftpd pure-ftpd 0.97.7pre2
pureftpd pure-ftpd 0.97.1
pureftpd pure-ftpd 0.97-final
pureftpd pure-ftpd 0.96
pureftpd pure-ftpd 0.96pre1
pureftpd pure-ftpd 0.94
pureftpd pure-ftpd 0.93
pureftpd pure-ftpd 1.0.22
pureftpd pure-ftpd 1.0.11
pureftpd pure-ftpd 1.0.16c
pureftpd pure-ftpd 1.0.17
pureftpd pure-ftpd 1.0.17a
pureftpd pure-ftpd 1.0.26
pureftpd pure-ftpd 1.0.27
pureftpd pure-ftpd 1.0.6
pureftpd pure-ftpd 1.0.5
pureftpd pure-ftpd 0.99.3
pureftpd pure-ftpd 0.99.2a
pureftpd pure-ftpd 0.99
pureftpd pure-ftpd 0.99pre2
pureftpd pure-ftpd 0.98.2a
pureftpd pure-ftpd 0.98.2
pureftpd pure-ftpd 0.97.7pre1
pureftpd pure-ftpd 0.97.6
pureftpd pure-ftpd 0.97pre5
pureftpd pure-ftpd 0.97pre4
pureftpd pure-ftpd 0.95.2
pureftpd pure-ftpd 0.95.1
pureftpd pure-ftpd 0.92
pureftpd pure-ftpd 0.91

CWE-399 http://openwall.com/lists/oss-security/2011/04/11/8 http://openwall.com/lists/oss-security/2011/04/11/7 http://openwall.com/lists/oss-security/2011/04/11/14 http://secunia.com/advisories/43988 https://github.com/jedisct1/pure-ftpd/commit/65c4d4ad331e94661de763e9b5304d28698999c4 http://secunia.com/advisories/44548 http://archives.pureftpd.org/archives.cgi?100:mss:3906:201103:cpeojfkblajnpinkeadd http://lists.opensuse.org/opensuse-updates/2011-05/msg00029.html http://www.pureftpd.org/project/pure-ftpd/news http://archives.pureftpd.org/archives.cgi?100:mss:3910:201103:cpeojfkblajnpinkeadd https://bugzilla.novell.com/show_bug.cgi?id=686590 https://bugzilla.redhat.com/show_bug.cgi?id=683221 http://openwall.com/lists/oss-security/2011/04/11/3 http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html https://nvd.nist.gov https://www.kb.cert.org/vuls/id/555316

Get Started

CVE-2011-1575

Vulnerability Summary

References

Vulmon Search

About

Products

Connect