what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2011-046

Mandriva Linux Security Advisory 2011-046
Posted Mar 18, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-046 - A security flaw was discovered in pure-ftpd which allows plaintext command injection over TLS.

tags | advisory
systems | linux, mandriva
advisories | CVE-2011-0411
SHA-256 | c79c0998d50cb9fdb22adc00fc447d479980cc0727ac9682e23c6d0d74fb19d2

Mandriva Linux Security Advisory 2011-046

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2011:046
https://www.mandriva.com/security/
_______________________________________________________________________

Package : pure-ftpd
Date : March 17, 2011
Affected: 2009.0, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

A security flaw was discovered in pure-ftpd which allows plaintext
command injection over TLS (similar to CVE-2011-0411).

Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
https://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct this issue.
_______________________________________________________________________

References:

https://www.postfix.org/CVE-2011-0411.html
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2009.0:
ed4ae86475a00faaadbda5683ee496f5 2009.0/i586/pure-ftpd-1.0.21-8.1mdv2009.0.i586.rpm
0dea42dbd5958a0a4a4e8a47d020062a 2009.0/i586/pure-ftpd-anon-upload-1.0.21-8.1mdv2009.0.i586.rpm
3f3c60fbe60ffa16a542ae78868042c1 2009.0/i586/pure-ftpd-anonymous-1.0.21-8.1mdv2009.0.i586.rpm
32f302505171f7d7801acec8e0aac0ab 2009.0/SRPMS/pure-ftpd-1.0.21-8.1mdv2009.0.src.rpm

Mandriva Linux 2009.0/X86_64:
9fbbd20ce659012dcef2ea534b3e065c 2009.0/x86_64/pure-ftpd-1.0.21-8.1mdv2009.0.x86_64.rpm
d953ece1911ad4f744b5fe5f704c2e9e 2009.0/x86_64/pure-ftpd-anon-upload-1.0.21-8.1mdv2009.0.x86_64.rpm
fd131923aa12607939a33ab0d5a47690 2009.0/x86_64/pure-ftpd-anonymous-1.0.21-8.1mdv2009.0.x86_64.rpm
32f302505171f7d7801acec8e0aac0ab 2009.0/SRPMS/pure-ftpd-1.0.21-8.1mdv2009.0.src.rpm

Mandriva Linux 2010.0:
580032400f3f536b90509404bfa5ff50 2010.0/i586/pure-ftpd-1.0.22-1.1mdv2010.0.i586.rpm
05fe3428a8378f9c7e8282d9e62c9fdf 2010.0/i586/pure-ftpd-anon-upload-1.0.22-1.1mdv2010.0.i586.rpm
8e63f703e071bf7f819b98cb96eeab1d 2010.0/i586/pure-ftpd-anonymous-1.0.22-1.1mdv2010.0.i586.rpm
5370b6f3148695cae7d37dd7a79c4158 2010.0/SRPMS/pure-ftpd-1.0.22-1.1mdv2010.0.src.rpm

Mandriva Linux 2010.0/X86_64:
897957ada6eadf9e87bae3e26ff442fe 2010.0/x86_64/pure-ftpd-1.0.22-1.1mdv2010.0.x86_64.rpm
add9ece828990b566192691992e43cc6 2010.0/x86_64/pure-ftpd-anon-upload-1.0.22-1.1mdv2010.0.x86_64.rpm
6c82671449daf5c7b9d6e40c4c33939b 2010.0/x86_64/pure-ftpd-anonymous-1.0.22-1.1mdv2010.0.x86_64.rpm
5370b6f3148695cae7d37dd7a79c4158 2010.0/SRPMS/pure-ftpd-1.0.22-1.1mdv2010.0.src.rpm

Mandriva Linux 2010.1:
441c80d9c965274c99d34fce9a4bb6ca 2010.1/i586/pure-ftpd-1.0.29-2.1mdv2010.2.i586.rpm
f73c5b101a3100fa5ccf7be95cb820c1 2010.1/i586/pure-ftpd-anon-upload-1.0.29-2.1mdv2010.2.i586.rpm
1bf7c0076615559f213f9e90aabe1ee3 2010.1/i586/pure-ftpd-anonymous-1.0.29-2.1mdv2010.2.i586.rpm
77f0d44baa44e8abc0a5393154d1e347 2010.1/SRPMS/pure-ftpd-1.0.29-2.1mdv2010.2.src.rpm

Mandriva Linux 2010.1/X86_64:
7f83617195a06fe87d4fe91f78256ea8 2010.1/x86_64/pure-ftpd-1.0.29-2.1mdv2010.2.x86_64.rpm
d0428e106e4c4233a266b62b1208f63e 2010.1/x86_64/pure-ftpd-anon-upload-1.0.29-2.1mdv2010.2.x86_64.rpm
04a2e708f8334b33fda7975f72c9afd0 2010.1/x86_64/pure-ftpd-anonymous-1.0.29-2.1mdv2010.2.x86_64.rpm
77f0d44baa44e8abc0a5393154d1e347 2010.1/SRPMS/pure-ftpd-1.0.29-2.1mdv2010.2.src.rpm

Corporate 4.0:
2054ec719cbd8c9be8ad7e9bc654f79e corporate/4.0/i586/pure-ftpd-1.0.20-7.1.20060mlcs4.i586.rpm
2614d3560204ffb498f6c49453442d05 corporate/4.0/i586/pure-ftpd-anon-upload-1.0.20-7.1.20060mlcs4.i586.rpm
1fb356298d6a5c4b50b6822e8dde3e0b corporate/4.0/i586/pure-ftpd-anonymous-1.0.20-7.1.20060mlcs4.i586.rpm
63859bd845934e2d382fd2406a1fd9f7 corporate/4.0/SRPMS/pure-ftpd-1.0.20-7.1.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
b4d4edc6889d96135330b98057bf5396 corporate/4.0/x86_64/pure-ftpd-1.0.20-7.1.20060mlcs4.x86_64.rpm
99ffba7cc4e729a617ca45a10baa9125 corporate/4.0/x86_64/pure-ftpd-anon-upload-1.0.20-7.1.20060mlcs4.x86_64.rpm
b84684dfd4166dcf6def917014355b76 corporate/4.0/x86_64/pure-ftpd-anonymous-1.0.20-7.1.20060mlcs4.x86_64.rpm
63859bd845934e2d382fd2406a1fd9f7 corporate/4.0/SRPMS/pure-ftpd-1.0.20-7.1.20060mlcs4.src.rpm

Mandriva Enterprise Server 5:
3e3694e0220ab4cfc55b3d0614443d5d mes5/i586/pure-ftpd-1.0.21-8.1mdvmes5.2.i586.rpm
c281cdd9b6ab44f956802cbd9d327e36 mes5/i586/pure-ftpd-anon-upload-1.0.21-8.1mdvmes5.2.i586.rpm
ab25c5522a053fddf570a7af29f79db7 mes5/i586/pure-ftpd-anonymous-1.0.21-8.1mdvmes5.2.i586.rpm
71436d40f9fe4780edc71f326a71324c mes5/SRPMS/pure-ftpd-1.0.21-8.1mdvmes5.2.src.rpm

Mandriva Enterprise Server 5/X86_64:
dd4fbf6ccb18a342b91b2bdc07048fd9 mes5/x86_64/pure-ftpd-1.0.21-8.1mdvmes5.2.x86_64.rpm
70a0f49eaca5fd8f7a80967810fbfb7d mes5/x86_64/pure-ftpd-anon-upload-1.0.21-8.1mdvmes5.2.x86_64.rpm
7e6c3b99218158806d3c747f781a449b mes5/x86_64/pure-ftpd-anonymous-1.0.21-8.1mdvmes5.2.x86_64.rpm
71436d40f9fe4780edc71f326a71324c mes5/SRPMS/pure-ftpd-1.0.21-8.1mdvmes5.2.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

https://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFNghiJmqjQ0CJFipgRAmfEAJ4h4GUCYRRxPThbwS8OU/Nidb5IIwCgzjQL
Rdh2CJ9ld+U6AJmffwFyQO4=
=tWH8
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close