[NOT i-MSCP RELATED] ProFTPD Unauthenticated copying of files via SITE CPFR/CPTO allowed by mod_copy

  • What's possible with this exploit and imscp? As I understand it, the attacker can just copy files to the /tmp directory, because he has no other permissions to access, for example, folders like webpages (if he has no FTP account)...
    Am I right?


    PS: I also had a /tmp/passwd.copy
    PS²: For Debian wheezy there's still no update, so I've deactivated the affected module and restarted the service.

  • @Ninos


    The question is: Is this module activated by default in Debian? If yes, and if this is really a security issue for us, I can disable it through the installer.


  • Yes, since wheezy it's enabled by default. But not if you upgraded from squeeze to wheezy/jessie. In jessie ProFTPD is already fixed; for wheezy there's no patch atm.

  • So I'll fix that for version 1.2.3 ;)


    Thanks ;)


  • An update for Debian wheezy exists now. I'll test whether the exploit is fixed and then report :-)


    Update: as far as I can see, the bug should be fixed.

  • @Ninos


    Great news (less work for me) ;)



    Thanks bro ;)
