Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2011-1575

The STARTTLS implementation in ftp_parser.c in Pure-FTPd before 1.0.30 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted FTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.

Published

2011-05-23T22:55:01.207

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.8 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:P/A:N

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

8.6

Impact Score

4.9

Weaknesses

Type: Primary
CWE-399

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	pureftpd	pure-ftpd	≤ 1.0.29	Yes
Application	pureftpd	pure-ftpd	0.90	Yes
Application	pureftpd	pure-ftpd	0.91	Yes
Application	pureftpd	pure-ftpd	0.92	Yes
Application	pureftpd	pure-ftpd	0.93	Yes
Application	pureftpd	pure-ftpd	0.94	Yes
Application	pureftpd	pure-ftpd	0.95	Yes
Application	pureftpd	pure-ftpd	0.95-pre1	Yes
Application	pureftpd	pure-ftpd	0.95-pre2	Yes
Application	pureftpd	pure-ftpd	0.95-pre3	Yes
Application	pureftpd	pure-ftpd	0.95-pre4	Yes
Application	pureftpd	pure-ftpd	0.95.1	Yes
Application	pureftpd	pure-ftpd	0.95.2	Yes
Application	pureftpd	pure-ftpd	0.96	Yes
Application	pureftpd	pure-ftpd	0.96.1	Yes
Application	pureftpd	pure-ftpd	0.96pre1	Yes
Application	pureftpd	pure-ftpd	0.97-final	Yes
Application	pureftpd	pure-ftpd	0.97.1	Yes
Application	pureftpd	pure-ftpd	0.97.2	Yes
Application	pureftpd	pure-ftpd	0.97.3	Yes
Application	pureftpd	pure-ftpd	0.97.4	Yes
Application	pureftpd	pure-ftpd	0.97.5	Yes
Application	pureftpd	pure-ftpd	0.97.6	Yes
Application	pureftpd	pure-ftpd	0.97.7	Yes
Application	pureftpd	pure-ftpd	0.97.7pre1	Yes
Application	pureftpd	pure-ftpd	0.97.7pre2	Yes
Application	pureftpd	pure-ftpd	0.97.7pre3	Yes
Application	pureftpd	pure-ftpd	0.97pre1	Yes
Application	pureftpd	pure-ftpd	0.97pre2	Yes
Application	pureftpd	pure-ftpd	0.97pre3	Yes
Application	pureftpd	pure-ftpd	0.97pre4	Yes
Application	pureftpd	pure-ftpd	0.97pre5	Yes
Application	pureftpd	pure-ftpd	0.98-final	Yes
Application	pureftpd	pure-ftpd	0.98.1	Yes
Application	pureftpd	pure-ftpd	0.98.2	Yes
Application	pureftpd	pure-ftpd	0.98.2a	Yes
Application	pureftpd	pure-ftpd	0.98.3	Yes
Application	pureftpd	pure-ftpd	0.98.4	Yes
Application	pureftpd	pure-ftpd	0.98.5	Yes
Application	pureftpd	pure-ftpd	0.98.6	Yes
Application	pureftpd	pure-ftpd	0.98.7	Yes
Application	pureftpd	pure-ftpd	0.98pre1	Yes
Application	pureftpd	pure-ftpd	0.98pre2	Yes
Application	pureftpd	pure-ftpd	0.99	Yes
Application	pureftpd	pure-ftpd	0.99.1	Yes
Application	pureftpd	pure-ftpd	0.99.1a	Yes
Application	pureftpd	pure-ftpd	0.99.1b	Yes
Application	pureftpd	pure-ftpd	0.99.2	Yes
Application	pureftpd	pure-ftpd	0.99.2a	Yes
Application	pureftpd	pure-ftpd	0.99.3	Yes
Application	pureftpd	pure-ftpd	0.99.4	Yes
Application	pureftpd	pure-ftpd	0.99.9	Yes
Application	pureftpd	pure-ftpd	0.99a	Yes
Application	pureftpd	pure-ftpd	0.99b	Yes
Application	pureftpd	pure-ftpd	0.99pre1	Yes
Application	pureftpd	pure-ftpd	0.99pre2	Yes
Application	pureftpd	pure-ftpd	1.0.0	Yes
Application	pureftpd	pure-ftpd	1.0.1	Yes
Application	pureftpd	pure-ftpd	1.0.2	Yes
Application	pureftpd	pure-ftpd	1.0.3	Yes
Application	pureftpd	pure-ftpd	1.0.4	Yes
Application	pureftpd	pure-ftpd	1.0.5	Yes
Application	pureftpd	pure-ftpd	1.0.6	Yes
Application	pureftpd	pure-ftpd	1.0.7	Yes
Application	pureftpd	pure-ftpd	1.0.8	Yes
Application	pureftpd	pure-ftpd	1.0.9	Yes
Application	pureftpd	pure-ftpd	1.0.10	Yes
Application	pureftpd	pure-ftpd	1.0.11	Yes
Application	pureftpd	pure-ftpd	1.0.12	Yes
Application	pureftpd	pure-ftpd	1.0.13a	Yes
Application	pureftpd	pure-ftpd	1.0.14	Yes
Application	pureftpd	pure-ftpd	1.0.15	Yes
Application	pureftpd	pure-ftpd	1.0.16a	Yes
Application	pureftpd	pure-ftpd	1.0.16b	Yes
Application	pureftpd	pure-ftpd	1.0.16c	Yes
Application	pureftpd	pure-ftpd	1.0.17	Yes
Application	pureftpd	pure-ftpd	1.0.17a	Yes
Application	pureftpd	pure-ftpd	1.0.18	Yes
Application	pureftpd	pure-ftpd	1.0.19	Yes
Application	pureftpd	pure-ftpd	1.0.20	Yes
Application	pureftpd	pure-ftpd	1.0.21	Yes
Application	pureftpd	pure-ftpd	1.0.22	Yes
Application	pureftpd	pure-ftpd	1.0.24	Yes
Application	pureftpd	pure-ftpd	1.0.25	Yes
Application	pureftpd	pure-ftpd	1.0.26	Yes
Application	pureftpd	pure-ftpd	1.0.27	Yes
Application	pureftpd	pure-ftpd	1.0.28	Yes

References

http://archives.pureftpd.org/archives.cgi?100:mss:3906:201103:cpeojfkblajnpinkeadd ([email protected])
http://archives.pureftpd.org/archives.cgi?100:mss:3910:201103:cpeojfkblajnpinkeadd Patch ([email protected])
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html ([email protected])
http://lists.opensuse.org/opensuse-updates/2011-05/msg00029.html ([email protected])
http://openwall.com/lists/oss-security/2011/04/11/14 ([email protected])
http://openwall.com/lists/oss-security/2011/04/11/3 ([email protected])
http://openwall.com/lists/oss-security/2011/04/11/7 ([email protected])
http://openwall.com/lists/oss-security/2011/04/11/8 ([email protected])
http://secunia.com/advisories/43988 Vendor Advisory ([email protected])
http://secunia.com/advisories/44548 ([email protected])
http://www.pureftpd.org/project/pure-ftpd/news ([email protected])
https://bugzilla.novell.com/show_bug.cgi?id=686590 Patch ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=683221 ([email protected])
https://github.com/jedisct1/pure-ftpd/commit/65c4d4ad331e94661de763e9b5304d28698999c4 Patch ([email protected])
http://archives.pureftpd.org/archives.cgi?100:mss:3906:201103:cpeojfkblajnpinkeadd (af854a3a-2127-422b-91ae-364da2661108)
http://archives.pureftpd.org/archives.cgi?100:mss:3910:201103:cpeojfkblajnpinkeadd Patch (af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html (af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-updates/2011-05/msg00029.html (af854a3a-2127-422b-91ae-364da2661108)
http://openwall.com/lists/oss-security/2011/04/11/14 (af854a3a-2127-422b-91ae-364da2661108)
http://openwall.com/lists/oss-security/2011/04/11/3 (af854a3a-2127-422b-91ae-364da2661108)
http://openwall.com/lists/oss-security/2011/04/11/7 (af854a3a-2127-422b-91ae-364da2661108)
http://openwall.com/lists/oss-security/2011/04/11/8 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/43988 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/44548 (af854a3a-2127-422b-91ae-364da2661108)
http://www.pureftpd.org/project/pure-ftpd/news (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.novell.com/show_bug.cgi?id=686590 Patch (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=683221 (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/jedisct1/pure-ftpd/commit/65c4d4ad331e94661de763e9b5304d28698999c4 Patch (af854a3a-2127-422b-91ae-364da2661108)