漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
ProFTPD ACL Bypass via /proc/self/root Path Prefix in RNFR
Vulnerability Description
ProFTPD through 1.3.9b and 1.3.10rc2 contains an access control bypass vulnerability that allows authenticated FTP users to circumvent Directory ACL restrictions by prefixing paths with /proc/self/root in the RNFR command handler. Attackers can exploit the unresolved symlink components in dir_canonical_path() to cause dir_check() to perform lexical path comparisons that match no configured Directory block, enabling rename operations on files in DenyAll-protected directories and subsequent retrieval of those files. Mitigation: Sessions configured with DefaultRoot (chroot) are not affected, as chroot changes the directory to which /proc/self/root resolves.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
在文件访问前对链接解析不恰当(链接跟随)
Vulnerability Title
proftpd 后置链接漏洞
Vulnerability Description
ProFTPD是ProFTPD团队开源的一套可配置性强的开放源代码的FTP服务器软件。 ProFTPD 1.3.9b及之前版本和1.3.10rc2及之前版本存在后置链接漏洞,该漏洞源于RNFR命令处理程序中的路径前缀问题,允许经过身份验证的FTP用户通过前缀路径(/proc/self/root)绕过目录ACL限制,利用dir_canonical_path()中的未解析符号链接组件导致dir_check()执行不匹配配置的目录块的词法路径比较,从而对DenyAll保护的目录中的文件执行重命名操作并检索这些文
CVSS Information
N/A
Vulnerability Type
N/A