Fedora 31 update for proftpd
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2019-19269 CVE-2019-19270 |
| CWE-ID | CWE-476 CWE-295 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Fedora Operating systems & Components / Operating system proftpd Operating systems & Components / Operating system package or component |
| Vendor | Fedoraproject |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) NULL pointer dereference
EUVDB-ID: #VU26104
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2019-19269
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference in tls_verify_crl() function in ProFTPD while processing data, returned by the OpenSSL sk_X509_REVOKED_value() function when encountering an empty CRL installed by a system administrator. A remote attacker can trigger the NULL pointer dereference error when validating the certificate of a client connecting to the server in a TLS client/server mutual-authentication setup.
Successful exploitation of the vulnerability will result in a denial of service condition.
Install updates from vendor's repository.
Vulnerable software versionsFedora: 31
proftpd: before 1.3.6b-2.fc31
CPE2.3 External linkshttps://bodhi.fedoraproject.org/updates/FEDORA-2019-bfacf1e958
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper Certificate Validation
EUVDB-ID: #VU35035
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2019-19270
CWE-ID:
CWE-295 - Improper Certificate Validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate data.
An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. Failure to check for the appropriate field of a CRL entry (checking twice for subject, rather than once for subject and once for issuer) prevents some valid CRLs from being taken into account, and can allow clients whose certificates have been revoked to proceed with a connection to the server.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsFedora: 31
proftpd: before 1.3.6b-2.fc31
CPE2.3 External linkshttps://bodhi.fedoraproject.org/updates/FEDORA-2019-bfacf1e958
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
